Critical Veeam Backup & Replication Vulnerability Under Active Exploitation


Security researchers have reported CVE-2024-40711 is under active exploitation by ransomware groups. These groups are reportedly exploiting CVE-2024-40711 as a second stage exploit to create new local Administrator accounts to facilitate further objectives on compromised networks.

Reports warn of exploitation attempts since shortly after official disclosure by Veeam. Enterprise backup and disaster recovery applications are valuable targets for cyber threat groups.

Read more…
Source: NHS Digital


Sign up for our Newsletter


Related:

  • Patch now! New Chrome update for two critical vulnerabilities

    October 30, 2024

    Google has released an update for its Chrome browser which includes patches for two critical vulnerabilities. The update brings the Stable channel to versions 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux. The easiest way to update Chrome is to allow it to update automatically, but you can end up lagging behind if you never ...

  • Exploring CVE-2024-38227 vulnerability in Microsoft SharePoint

    October 25, 2024

    On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities covered by the September release allowed remote code execution (RCE) and one of them posed ...

  • Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers

    October 24, 2024

    Many software manufacturers and service providers deploy software and configuration updates as part of their service offerings. These updates may enhance features and/or address security vulnerabilities to provide benefits and security to customers. However, software and the systems that deploy software are highly complex and continually evolving, making it challenging to deploy secure updates. It is ...

  • Command Injection and Local File Inclusion in Grafana: CVE-2024-9264

    October 24, 2024

    The SonicWall Capture Labs threat research team became aware of a critical vulnerability in Grafana, assessed its impact and developed mitigation measures. Grafana is a multi-platform open-source analytics and visualization solution that can produce charts, graphs and alerts according to the data. Identified as CVE-2024-9264, Grafana versions 11.0.x, 11.1.x and 11.2.x allows an attacker with ‘viewer’ ...

  • The Crypto Game of Lazarus APT: Investors vs. Zero-days

    October 23, 2024

    On May 13, 2024, Kaspersky consumer-grade product Kaspersky Total Security detected a new Manuscrypt infection on the personal computer of a person living in Russia. Since Lazarus rarely attacks individuals, this piqued Kaspersky researchers interest and they decided to take a closer look. The researchers discovered that prior to the detection of Manuscrypt, Kaspersky technologies also ...

  • VMWare vCenter Server CVE-2024-38812 DCERPC Vulnerability

    October 23, 2024

    CVE-2024-38812 is a critical heap-overflow vulnerability identified in VMware vCenter Server’s implementation of the DCERPC (Distributed Computing Environment/Remote Procedure Call) protocol. This flaw allows a malicious actor with network access to the vCenter Server to send specially crafted packets, potentially leading to remote code execution (RCE). The vulnerability, classified under CWE-122 (Heap-based Buffer Overflow), arises when ...