As you can tell I’m on a bit of a “migrate all the things” story arc here of late and today will be the latest installment. In my last post I covered using the VeeaMover capability to move backups between repositories or jobs but that is not an effective data migration mechanism if you’ve used the Capacity Tier “COPY” capability of a Veeam Scale Out Backup Repository (SOBR).

You've probably seen them: enticing online offers for free products from brands you trust, like a Yeti beach chair from Costco or an emergency car kit from AAA. All you have to do is fill out a quick survey and pay a small "shipping fee" of a couple of dollars. But what seems like a harmless transaction is actually a sophisticated scam with a high price tag. The KnowBe4 Threat Lab team has been tracking a phishing campaign where scammers use these fake surveys to steal financial data.

Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are Evolving to Steal Financial Data”. As discussed in our previous blog, the human element is a critical part of the fake survey scam. However, the campaign's success is largely due to its advanced technical infrastructure.

Data is moving faster than your controls. In 2024, AI privacy/security incidents jumped 56.4%, and 82% of breaches involve cloud systems; the same lanes your LLMs, agents, and RAG pipelines speed through every day. If you’re shipping GenAI inside a regulated org, you need guardrails that protect PII/PHI and IP without crushing context or tanking accuracy. Use this guide to.

In Uber’s 2022 breach, attackers didn’t crack encryption or exploit some unknown flaw. They flooded an employee with MFA prompts until they became exhausted. One careless tap, and an entire enterprise was open. The lesson isn’t that MFA failed. It’s that MFA itself can become the exploit surface. From AiTM phishing proxies like EvilGinx to automated OTP interception, attackers treat MFA like DevOps treats CI/CD, i.e, scalable, repeatable, and scriptable.

Cybercriminals are increasingly abusing AI-assisted website generators to quickly craft convincing phishing sites, according to researchers at Palo Alto Networks’ Unit 42. In many cases, even when these services have safeguards in place to prevent abuse, criminals are able to bypass these measures in order to create phishing pages. Unit 42 tested a popular website generator to see how easy it was to spin up a spoofed website.

Konstantin (Kostya) Ostrovsky is the Chief Architect at Torq, where he leverages over 18 years of experience in software engineering and architecture. He specializes in cybersecurity, with a background that began with writing Windows Kernel Drivers. Konstantin is also a frequent speaker at software engineering conferences globally. Phishing attacks have evolved significantly in recent years, rendering traditional, rule-based defenses ineffective against sophisticated threats.

We’ve all been there, pushing through a cold, a nagging pain, or a persistent feeling of being "off." We tell ourselves it’s nothing, that we’re too busy to slow down. I did the same thing, ignoring my body’s subtle whispers until they turned into a deafening roar. One moment, I was pushing through a typical day, and the next, I was in a hospital bed, a stark reminder that ignoring warning signs can have serious consequences.