<p>This episode examines a sophisticated ArcGIS hack that remained undetected for 12 months. The threat group Flax Typhoon compromised an ArcGIS server by exploiting weak credentials and deploying a malicious Java extension that functioned as a web shell. The attack highlights critical failures in traditional security approaches: the malware was backed up along with legitimate data, signature-based detection tools completely missed the custom code, and the lack of multi-factor authentication made the initial breach possible. Curtis and Prasanna discuss why behavioral detection is now mandatory, how password length trumps complexity, and the importance of cyber hygiene practices like regular system audits and extension management. They also cover ReliaQuest's recommendations for preventing similar attacks, including automated response playbooks and monitoring for anomalous behavior. If you're running public-facing applications or managing any IT infrastructure, this episode provides actionable lessons you can't afford to ignore.</p><p>https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise</p>

This episode examines a sophisticated ArcGIS hack that remained undetected for 12 months. The threat group Flax Typhoon compromised an ArcGIS server by exploiting weak credentials and deploying a malicious Java extension that functioned as a web shell. The attack highlights critical failures in traditional security approaches: the malware was backed up along with legitimate data, signature-based detection tools completely missed the custom code, and the lack of multi-factor authentication made the initial breach possible. Curtis and Prasanna discuss why behavioral detection is now mandatory, how password length trumps complexity, and the importance of cyber hygiene practices like regular system audits and extension management. They also cover ReliaQuest's recommendations for preventing similar attacks, including automated response playbooks and monitoring for anomalous behavior. If you're running public-facing applications or managing any IT infrastructure, this episode provides actionable lessons you can't afford to ignore. https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise

The ArcGIS Hack That Turned Backups Into a Malware Repository

Formerly known as "Restore it All," The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware.  

The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis' passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from.  His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others.

A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe.  That's why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware.  If you'd like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you.

Technology

Formerly known as "Restore it All," The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware. The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis' passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from. His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others. A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe. That's why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware. If you'd like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you.

Formerly known as "Restore it All," The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware. &nbsp;

The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis' passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from.&nbsp; His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others.

A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe.&nbsp; That's why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware.&nbsp; If you'd like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you.

Share The ArcGIS Hack That Turned Backups Into a Malware Repository

Sign up to save your podcasts

The ArcGIS Hack That Turned Backups Into a Malware Repository

The ArcGIS Hack That Turned Backups Into a Malware Repository

More shows like The Backup Wrap-Up

Freakonomics Radio

The Changelog: Software Development, Open Source

Security Now (Audio)

Software Engineering Daily

Risky Business

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

CyberWire Daily

The Daily

Cybersecurity Today

Hacking Humans

Defense in Depth

Cyber Security Headlines

Hard Fork

The Ezra Klein Show

Risky Bulletin