Security researchers have reported CVE-2024-40711 is under active exploitation by ransomware groups. These groups are reportedly exploiting CVE-2024-40711 as a second stage exploit to create new local Administrator accounts to facilitate further objectives on compromised networks.
Reports warn of exploitation attempts since shortly after official disclosure by Veeam. Enterprise backup and disaster recovery applications are valuable targets for cyber threat groups.
Read more…
Source: NHS Digital
Related:
- Apple releases iOS 12.1.4, fixes iPhone FaceTime spying bug
February 7, 2019
Apple has released iOS 12.1.4. It’s a patch that fixes a bug that allowed users to spy on others by activating a group FaceTime call without the user’s consent. What made this bug so serious was how trivial it was to leverage, and it forced Apple to pull the plug on the feature at the server ...
- Flaw in Multiple Airline Systems Exposes Passenger Data
February 7, 2019
Researchers have discovered that multiple airline e-ticketing systems do not encrypt check-in links. The security faux pas could allow bad actors on the same network as the victim to view – and in some cases even change – their flight booking details or boarding passes. Security researchers at Wandera said that eight airlines have been sending ...
- New macOS zero-day allows theft of user passwords
February 6, 2019
A German security researcher has published a video over the weekend showing a new zero-day affecting Apple’s macOS desktop operating system. In an interview to German tech site Heise, Linus Henze, the security researcher, says the vulnerability allows a malicious app running on a macOS system to get access to passwords stored inside the Keychain –the password management ...
- Android Phones Can Get Hacked Just by Looking at a PNG Image
February 6, 2019
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google’s mobile ...
- Your New Car Is A Hacker Magnet — Automotive Industry Disconnect To Blame
February 6, 2019
The car that you drive today is a far cry from those of just a decade ago and in many ways is now an internet-connected computer on wheels. This push towards connectivity and smart-motoring has seen the automotive manufacturing industry shift towards becoming as much about software as they are transportation. And that means it ...
- iOS 12.1.4 is coming to fix the worst iPhone and iPad bug to date
February 2, 2019
If you’re running iOS 12.1 or later on your iPhone, then the iOS 12.1.4 patch that’s coming next week is a must-have because it patches what the worst iOS bug to hit iPhone and iPad users to date. According to Apple, this patch will land “next week.” iOS 12.1.4 will fix a FaceTime bug that offered ...