Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
Threat actors are exploiting a now-patched vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware. Using compromised VPN credentials, attackers create local accounts and spread ransomware, targeting enterprise backup systems. The flaw, rated 9.8 on the CVSS scale, enables remote code execution and was patched in September 2024.
- CVE-2024-40711, a critical flaw in Veeam Backup & Replication, allows unauthenticated remote code execution.
- Exploited through compromised VPN gateways without multifactor authentication and outdated software versions.
- Attackers deployed Akira and Fog ransomware, with one case involving Hyper-V servers and rclone for data exfiltration.
- A new variant linked to INC ransomware, Lynx ransomware, has been active since July 2024, targeting various sectors.
- Trinity and MedusaLocker variants like BabyLockerKZ are being observed, exploiting phishing emails and software vulnerabilities.
Organizations should patch critical vulnerabilities, enforce multifactor authentication, and update unsupported software versions to safeguard against the exploitation of flaws like CVE-2024-40711, which attackers are using to target enterprise backup systems and deploy ransomware.
0 Comment(s)
Categories
- Other (42)
- Ransomware (123)
- Events and News (26)
- Features (44)
- Security (422)
- Tips (79)
- Google (22)
- Achievements (8)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (187)
- Cyber Attack (219)
- Data Backup (11)
- Data Breach (75)
- Phishing (138)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (55)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (70)
- Hacking (57)
- Social Media (7)
- vulnerability (53)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (4)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)
Recent Posts
Thousands of Fake Shopping Sites Launched to Steal Credit Card Data During Black Friday
November 15, 2024
Amazon Employee Data Breached in MOVEit Attack Fallout: Over 2.8 Million Records Leaked by Hackers
November 13, 2024
Archive
Tags
cyber attack
phishing
data breach
ransomware
ransomeware
android malware
cyber security
malware
phishing attack
financial security
data stealing
cyber threat
lockbit
twitter
india
ddos
data theft
cert-in
cybercrime
phishing email
microsoft
critical vulnerability
trojan
pakistani hackers
android apps
cyber attacks
email security
organisation
scam
cryptojacking
play store
phishing scam
clop
email phishing
vulnerability
android
server security
pune
malicious apps
clop gang
data security
microsoft team
december cyber attacks
pakistan-backed hacker
phishing attacks
cybercriminals
data backup
winrar
cyber attack in india
ddos attack