From the Fortress
Field notes on data resilience, ransomware recovery, and what actually works when the alert fires.

Your Backup Admin Is the New Crown Jewel. Attackers Already Know.
By Javi Cano • June 25, 2026
For twenty years, defenders treated the domain controller as the crown jewel of the network: it had to be protected at all costs. If an attacker reached domain admin, the attacker owned the company. Defense strategies focused on protecting that one privileged path. The crown jewel has moved in today’s world: the…

Why a Data Recovery Lab Hired a Crisis Counselor
By Javi Cano • June 24, 2026
In an unassuming building in Novato, California, DriveSavers Data Recovery keeps something they call the Museum of Bizarre Disk-asters. Inside this museum are devices that survived house fires, snowblowers, monorails, and ocean sinkings. The machines on those shelves are a kind of optimism. They tell customers that even something extraordinary can usually be brought back…

Your Hospital Wasn’t Breached. Your Billing Vendor Was. Same Result.
By Samantha • June 16, 2026
In late April 2026, a clinical billing platform serving more than 200 community hospitals across the southeastern United States went offline for six days following a ransomware attack on its parent organization. None of the hospitals had been breached. The billing vendor had. The operational result was identical. Patient charges could not be processed, claims…

BridgePay Took Down Four States. Your City Is on the List.
By Samantha • June 11, 2026
A ransomware attack on third-party payment processor BridgePay Network Solutions earlier this year took out credit-card payment systems for cities, utilities, and at least one county across four states. The municipalities themselves had not been breached. The processor had. Residents standing at the counter trying to pay their water bills did not care. That is…

Mid-Sized Law Firms Are Losing the 2026 Ransomware War
By Javi Cano • June 11, 2026
LexisNexis Legal & Professional confirmed in early 2026 that a threat actor had exposed customer files. Among them were records tied to .gov accounts, including federal judges, Department of Justice attorneys, and SEC staff. The legal research vendor nearly every firm in the country relies on had become the source of a breach that reached…

When the EHR Goes Dark: Healthcare Recovery as a Patient Safety Decision
By Javi Cano • June 3, 2026
The first thing that happens in a clinic when the electronic health record goes down is the front desk gets quiet. Then a nurse asks where the patient’s allergy list is. Then a clinician decides whether to delay an infusion. Then someone at the back of the line wonders why their appointment hasn’t been confirmed…

When “It’s in the Cloud” Becomes a Recovery Problem
By Javi Cano • June 1, 2026
Most data loss conversations in 2026 still circle a misunderstanding that ought to have been retired a decade ago. The misunderstanding is the quiet conflation of a SaaS provider’s storage with a customer’s backup. The two operate under different responsibilities, and the gap between them is where a steadily growing share of the year’s data…

The Quiet Cost of “We’re Covered” Security in the SMB Market
By Javi Cano • May 28, 2026
“We’re covered. Defender comes with Windows.” Walk into enough small and mid-sized businesses and you’ll hear some version of that sentence in the first ten minutes. It’s usually said with confidence, often by people who care about security and are doing what they believe is reasonable. The gap between what those teams think they have…

Beyond PCI: What ShinyHunters’ April Spree Says About Retail Resilience
By Javi Cano • May 27, 2026
When the cyber extortion group ShinyHunters posted nine major brands to its leak site on April 20, the lineup read like a tour of modern consumer life. Zara, 7-Eleven, Pitney Bowes, Carnival, Rockstar Games. More than nine million records in play. Ransom demanded by the next morning. By now the playbook is familiar. A phone…

When the Ransom Note Is a Disguise: Recovery in the Era of False-Flag Ransomware
By Javi Cano • May 18, 2026
In May 2026, security researchers disclosed a campaign tracked as MuddyWater that should change how every executive thinks about ransomware attribution. The actor is nation-sponsored. The technique used Microsoft Teams social engineering to compromise targets. The ransom note presented the operation as Chaos-brand ransomware-as-a-service, a known criminal RaaS family, in what appears to have been…

After World Backup Day: A Twelve-Month Calendar for Recovery Discipline
By Javi Cano • May 18, 2026
World Backup Day comes around in late March every year, and the backup industry uses the date the way the cardiology industry uses American Heart Month. Awareness gets raised. Reminders get posted. A small percentage of organizations actually go check their backups. Most get back to whatever else was on the schedule that week. The…

What to Ask Your MSP Before the Next Supply Chain Attack
By Javi Cano • May 18, 2026
In 2026, the operating story of supply chain attacks has shifted in a way that should change how every business buys managed services. Group-IB, Huntress, and Acronis have all published research this year describing the same trend. Managed service providers, including managed backup and recovery providers, are no longer collateral damage in supply chain incidents…

