Summary: The video discusses the vulnerabilities associated with VH backups and how ransomware gangs exploit these weaknesses to compromise sensitive data, delete backups, or encrypt data. It emphasizes the importance of securing VH servers by disconnecting them from the domain and following best practices.
Keypoints:
- The flaw in backups can lead to unauthorized code presence.
- Ransomware gangs target VH backups for their attacks.
- When accessing a VH server, attackers can delete or encrypt backups and data.
- Data extraction can occur prior to encryption by the attackers.
- The recommended practice is to review best practice documents provided by security experts.
- Disconnecting VH servers from the domain is advised for better security.
- Utilizing private VLANs for backup servers can enhance security measures.
Youtube Video: https://www.youtube.com/watch?v=W3o4b-khYiU
Youtube Channel: Security Weekly β A CRA Resource
Video Published: Fri, 28 Mar 2025 22:00:19 +0000