Veeam
Ransomware operators have exploited a critical vulnerability in Veeam Backup & Replication, identified as CVE-2024-40711, to execute arbitrary code and deploy malware. This vulnerability allowed attackers to create rogue accounts with administrator privileges. These compromised accounts were then used to deploy ransomware, specifically Fog and Akira variants, and in some instances to exfiltrate data from the network. The attack vectors included access through VPN gateways without multifactor authentication, often with outdated software. The severity of the vulnerability and the sophistication of the attacks indicate a significant security oversight, resulting in considerable risk to data integrity and availability for affected organizations.
"id": "vee000101324",
"linkid": "veeam-software",
"type": "Ransomware",
"date": "10/2024",
"severity": "100",
"impact": "",
"explanation": "Attack which disrupt the payment process for a shop"