Detect Ransomware Before It Destroys Your Business
Ransomware detection is more complex than most organizations realize. In this episode, cybersecurity expert Mike Saylor breaks down the real-world signs of ransomware attacks—from users complaining about slow computers to smart devices acting strangely. We explore polymorphic malware that changes based on its target, the risks posed by managed service providers using shared credentials, and why milliseconds matter in ransomware detection and response. Mike explains the difference between EDR, XDR, SIEM, and SOAR tools, helping you understand which security solutions you actually need. We also discuss why 24/7 monitoring is non-negotiable and how even small businesses can afford proper ransomware detection capabilities. If you're trying to protect your organization without breaking the bank, this episode offers practical guidance on building your security stack and knowing when to call in expert help.
--------
33:56
--------
33:56
The ArcGIS Hack That Turned Backups Into a Malware Repository
This episode examines a sophisticated ArcGIS hack that remained undetected for 12 months. The threat group Flax Typhoon compromised an ArcGIS server by exploiting weak credentials and deploying a malicious Java extension that functioned as a web shell. The attack highlights critical failures in traditional security approaches: the malware was backed up along with legitimate data, signature-based detection tools completely missed the custom code, and the lack of multi-factor authentication made the initial breach possible. Curtis and Prasanna discuss why behavioral detection is now mandatory, how password length trumps complexity, and the importance of cyber hygiene practices like regular system audits and extension management. They also cover ReliaQuest's recommendations for preventing similar attacks, including automated response playbooks and monitoring for anomalous behavior. If you're running public-facing applications or managing any IT infrastructure, this episode provides actionable lessons you can't afford to ignore.https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise
--------
25:18
--------
25:18
Deepfake Attacks: The Growing Threat to Enterprise Security
Deepfake attacks are exploding, and your company is probably not ready. In this episode of The Backup Wrap-up, we dive into how cybercriminals are using AI to clone voices and create fake videos to authorize fraudulent wire transfers and reset credentials. With nearly 50% of businesses already experiencing deepfake attacks, this isn't a future problem – it's happening right now. We break down the two main attack vectors: authorization fraud (where fake CEOs trick employees into wiring money) and credential theft (where attackers reset passwords and MFA tokens). More importantly, we give you actionable defense strategies: multi-channel verification protocols, callback procedures for sensitive transactions, employee training programs, and break-glass scenarios. You'll learn what not to rely on (spoiler: caller ID is worthless) and why policy and procedure matter more than technology alone. This is a must-listen for anyone responsible for security or financial controls.
--------
38:24
--------
38:24
Cyber Attack Notification - Final Lessons from Mr. Robot Season One
When cyber attack notification goes wrong, companies face a disaster worse than the original breach. This episode dives deep into the critical mistakes organizations make when communicating about security incidents - and why transparency beats secrecy every time.We examine real-world failures like LastPass and Rackspace, where poor communication strategies amplified the damage from their cyber attacks. From legal requirements in California and GDPR to the new one-hour notification rules in China, we cover what regulations demand and why going beyond compliance makes business sense.Learn how to create effective status pages, manage customer expectations during recovery, and avoid the death-by-a-thousand-cuts approach that destroys trust. We share practical strategies for early and frequent communication that can actually strengthen customer relationships during crisis situations.
--------
48:04
--------
48:04
Insider Threats and the Power of Least Privilege Access
Insider threats represent one of the most dangerous cybersecurity risks facing organizations today - and they're way more common than you think. In this episode of The Backup Wrap-up, we explore the three main types of insider threats: compromised employees who get extorted or have their credentials stolen, disgruntled workers who want revenge after getting fired, and outside attackers who infiltrate your company to become malicious insiders. We break down real-world scenarios and discuss how to protect against them using least privilege principles, monitoring systems, and immutable backups. You'll learn why 31% of insider threat incidents could have been prevented if someone had spoken up, and why immutable backups are your last line of defense when an insider goes rogue. This is a must-listen for anyone responsible for data protection and cybersecurity.
Formerly known as "Restore it All," The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware.
The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis' passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from. His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others.
A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe. That's why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware. If you'd like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you.
Brasil