Security News

Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
2023-11-07 05:08

Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. Fixes for the issues are available in the below versions -.

Veeam warns of critical bugs in Veeam ONE monitoring platform
2023-11-06 21:58

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical."A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database," an advisory published today says about the bug tracked as CVE-2023-38547.

Cuba ransomware uses Veeam exploit against critical U.S. organizations
2023-08-20 14:15

The Cuba ransomware gang was observed in attacks targeting critical infrastructure organizations in the United States and IT firms in Latin America, using a combination of old and new tools. BlackBerry's Threat Research and Intelligence team, which spotted the latest campaign in early June 2023, reports that Cuba now leverages CVE-2023-27532 to steal credentials from configuration files.

Hackers target vulnerable Veeam backup servers exposed online
2023-04-29 14:41

Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. Malicious activity and tools echoing FIN7 attacks have been observed in intrusions since March 28, less than a week after an exploit became available for a high-severity vulnerability in Veeam Backup and Replication software.

Exploit released for Veeam bug allowing cleartext credential theft
2023-03-23 16:18

Cross-platform exploit code is now available for a high-severity Backup Service vulnerability impacting Veeam's Backup & Replication software. The flaw affects all VBR versions and can be exploited by unauthenticated attackers to breach backup infrastructure after stealing cleartext credentials and gaining remote code execution as SYSTEM. Veeam released security updates to address this vulnerability for VBR V11 and V12 on March 7, advising customers using older releases to upgrade to secure vulnerable devices running unsupported releases.

Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
2023-03-10 05:45

Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the fix as soon as possible. The nature of CVE-2023-27532 has not been explained - Veeam only says that "The vulnerable process, Veeam.Backup.Service.exe, allows an unauthenticated user to request encrypted credentials."

Veeam fixes bug that lets hackers breach backup infrastructure
2023-03-08 18:13

Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software.The flaw was reported in mid-February by a security researcher known as Shanigen, and it affects all Veeam Backup & Replication versions.

CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks
2022-12-16 05:45

The U.S. Cybersecurity and Infrastructure Security Agency has added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation in the wild. "The Veeam Distribution Service allows unauthenticated users to access internal API functions," Veeam noted in an advisory published in March 2022.

RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam
2022-11-03 19:36

The threat actor behind the RomCom RAT has refreshed its attack vector and is now abusing well-known software brands for distribution. In a new campaign discovered by BlackBerry, the RomCom threat actors were found creating websites that clone official download portals for SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro, essentially disguising the malware as legitimate programs.

Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
2022-09-25 08:50

An extensively updated version of the Exmatter data exfiltration tool was seen last month being used with Noberus in ransomware infections, and at least one affiliate using Noberus was detected using Eamfo, the info-stealing malware that connects to the SQL database where a victim's Veeam backup software installation stores credentials, according to researchers in Symantec's Threat Hunting Team. Coreid has continuously updated Noberus since it first emerged in November 2021, shortly after BlackMatter was retired in a suspected move by the ransomware gang to stay ahead of law enforcement.