November 11, 2024 at 07:02AM Veeam has issued a hotfix for a critical authentication bypass vulnerability in Backup Enterprise Manager, addressing an expanding exploitation of the previous flaw. This update aims to enhance security and protect users from potential risks associated with the vulnerability. ### Meeting Notes Summary: – **Topic**: Veeam Hotfix Release – **Issue**: … Read more
November 8, 2024 at 03:28PM A critical vulnerability (CVE-2024-40711) in Veeam Backup & Replication has been exploited in multiple ransomware attacks, including Frag. Discovered by Code White, the flaw allows remote code execution. Delays in revealing exploit details were intended to protect users, but previous attacks showed little impact, highlighting Veeam’s popularity among threat actors. … Read more
October 14, 2024 at 05:00AM Threat actors are exploiting a critical vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware, leveraging compromised VPN credentials. Sophos warns of successful attacks via unprotected systems. In parallel, new ransomware variants like Lynx and Trinity are emerging, highlighting increasing cybersecurity threats across sectors. ### Meeting … Read more
October 10, 2024 at 06:10PM Ransomware gangs are exploiting a critical vulnerability (CVE-2024-40711) in Veeam Backup & Replication servers, allowing remote code execution. Disclosed on September 4 with updates, attackers used compromised VPNs to deploy Akira and Fog ransomware. Veeam has a history of vulnerabilities attracting such malicious activity, impacting many global organizations. **Meeting Takeaways:** … Read more
September 19, 2024 at 04:10PM A researcher has released a proof-of-concept exploit and analysis for CVE-2024-40711, a critical vulnerability in Veeam’s backup software. The flaw, with a CVSS score of 9.8, allows unauthenticated remote code execution. Veeam has released patches, but there are concerns about their effectiveness. Enterprises are urged to apply the latest patch … Read more
September 6, 2024 at 08:00AM Veeam announced patches for critical-severity bugs this week, impacting its enterprise products. The vulnerabilities could lead to remote code execution and sensitive information disclosure. The flaws affect various Veeam solutions including Backup & Replication, Veeam ONE, Service Provider Console, Veeam Agent for Linux, and other plugins. Users are advised to … Read more
July 10, 2024 at 10:33AM Veeam Backup & Replication software contains a patched security flaw being exploited by the ransomware group EstateRansomware. The threat actors used a dormant account to gain initial access, pivoting laterally through the SSL VPN service. They deployed a persistent backdoor to evade detection and carried out attacks, including disabling Windows … Read more
June 7, 2024 at 05:00AM The FBI has 7,000 decryption keys for LockBit ransomware, aiming to help victims. The gang’s infrastructure was dismantled in an international operation, and its administrator, Dmitry Yuryevich Khoroshev, was identified. Despite this, LockBit remains active, with new variants targeting vulnerable Microsoft SQL servers and VMware ESXi systems. Organizations are warned … Read more
May 23, 2024 at 10:41AM Veeam addressed a critical vulnerability in its Backup Enterprise Manager, CVE-2024-29849, which could allow unauthorized access to the VBEM web interface. Although attackers could log in as any user, Veeam confirmed that the flaw wouldn’t lead to backups being deleted due to the immutable backups and authorization measures. Customers are … Read more
May 22, 2024 at 09:03AM Veeam released a Backup & Replication update addressing four vulnerabilities, including a critical Backup Enterprise Manager bug allowing unauthenticated access. The update also resolves high-severity issues related to NTLM relay attacks and stealing NTLM hash. Users are advised to update installations due to potential exploitation by threat actors. Based on … Read more