Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
Threat actors are exploiting a now-patched vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware. Using compromised VPN credentials, attackers create local accounts and spread ransomware, targeting enterprise backup systems. The flaw, rated 9.8 on the CVSS scale, enables remote code execution and was patched in September 2024.
- CVE-2024-40711, a critical flaw in Veeam Backup & Replication, allows unauthenticated remote code execution.
- Exploited through compromised VPN gateways without multifactor authentication and outdated software versions.
- Attackers deployed Akira and Fog ransomware, with one case involving Hyper-V servers and rclone for data exfiltration.
- A new variant linked to INC ransomware, Lynx ransomware, has been active since July 2024, targeting various sectors.
- Trinity and MedusaLocker variants like BabyLockerKZ are being observed, exploiting phishing emails and software vulnerabilities.
Organizations should patch critical vulnerabilities, enforce multifactor authentication, and update unsupported software versions to safeguard against the exploitation of flaws like CVE-2024-40711, which attackers are using to target enterprise backup systems and deploy ransomware.
Comment(s)
Categories
- Other (42)
- Ransomware (117)
- Events and News (25)
- Features (44)
- Security (413)
- Tips (79)
- Google (22)
- Achievements (7)
- Products (31)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (175)
- Cyber Attack (216)
- Data Backup (11)
- Data Breach (74)
- Phishing (131)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (53)
- Knoweldgebase (37)
- Botnet (15)
- Updates (3)
- Alert (70)
- Hacking (56)
- Social Media (7)
- vulnerability (50)
- Hacker (31)
- Spyware (8)
- Windows (5)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (4)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (4)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (7)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (4)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (1)
Recent Posts
Archive
Tags
cyber attack
phishing
data breach
ransomware
ransomeware
android malware
cyber security
data stealing
ddos
india
financial security
twitter
phishing email
microsoft
cert-in
cybercrime
malware
pune
vulnerability
cyber crime
independence day
occasion
hacking
telegram
phishing scam
android apps
financial fraud
cyber attack in india
data security
scam
clop gang
pakistani hackers
clop gang extorting
google play store
play store
fedex
user data leak
microsoft team
android
pakistan-backed hacker
whatsapp
clop
malicious apps
email phishing
december cyber attacks
lockbit
cert
cryptojacking
ddos attack
winrar