Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Veeam RCE Vulnerability Exploited by Hackers

October 11, 2024
Reading Time: 2 mins read
in Alerts
Veeam RCE Vulnerability Exploited by Hackers

Hackers are actively exploiting a critical vulnerability in Veeam Backup & Replication software, designated as CVE-2024-40711, which allows for unauthenticated remote code execution (RCE). Reported by Florian Hauser from CODE WHITE GmbH, this vulnerability has become a significant security concern as it enables attackers to gain unauthorized access to systems and deploy ransomware. The situation is being closely monitored by Sophos X-Ops Managed Detection and Response (MDR) teams, who have observed multiple attacks leveraging this vulnerability in recent weeks.

In a series of attacks, hackers have compromised systems using stolen credentials, particularly targeting VPN gateways that lack multi-factor authentication. Some of these gateways were running outdated software versions, making them easy targets. Once inside, the attackers exploited the Veeam vulnerability by invoking the Veeam.Backup.MountService.exe on a specific URI, which allowed them to create unauthorized accounts with administrative privileges. This critical access enabled them to deploy ransomware effectively, such as Fog ransomware on Hyper-V servers.

One notable incident involved the attackers using the rclone utility to exfiltrate sensitive data while simultaneously deploying ransomware. Sophos has been able to thwart some of these attacks with their endpoint protection and MDR services, but the incidents underscore the need for robust cybersecurity measures. Organizations must prioritize patching known vulnerabilities, updating unsupported software, and implementing multi-factor authentication to enhance their defenses against such attacks.

In response to the situation, Veeam has released an update (VBR version 12.2.0.334) that addresses the CVE-2024-40711 vulnerability. Administrators are strongly urged to apply this patch immediately to protect their systems from exploitation. The exploitation of this vulnerability highlights the pressing need for proactive defense strategies, including timely software updates, stringent security protocols, and continuous monitoring of potential threats. Enterprises relying on Veeam Backup & Replication must take these steps to safeguard their systems and sensitive data from increasingly sophisticated cyber threats.

Reference:
  • Hackers Exploit Veeam Remote Code Execution Vulnerability to Deploy Ransomware
Tags: Cyber AlertsCyber Alerts 2024Cyber threatsHackersOctober 2024RCERemote code executionVeeamVulnerabilities
ADVERTISEMENT

Related Posts

Hackers Revive SEO Poisoning

Hackers Revive SEO Poisoning

July 10, 2025
Hackers Revive SEO Poisoning

RondoDox Botnet Exploits Router Flaws

July 10, 2025
Hackers Revive SEO Poisoning

ServiceNow Data Exposure via ACLs

July 10, 2025
Hackers Use Leaked Shellter License Malware

Windows BitLocker Vulnerability Flaw

July 9, 2025
Hackers Use Leaked Shellter License Malware

Hackers Use Leaked Shellter License Malware

July 9, 2025
Hackers Use Leaked Shellter License Malware

Anatsa Android Trojan Targets 90K Users

July 9, 2025

Latest Alerts

RondoDox Botnet Exploits Router Flaws

ServiceNow Data Exposure via ACLs

Hackers Revive SEO Poisoning

Windows BitLocker Vulnerability Flaw

Anatsa Android Trojan Targets 90K Users

Hackers Use Leaked Shellter License Malware

Subscribe to our newsletter

    Latest Incidents

    Bitcoin Depot Breach Exposes Data

    McDonald’s AI Hiring Bot Exposes Data

    Nippon Steel Solutions Data Breach

    Norwegian Municipalities Hit by Data Breach

    Credit Reports Breached And Sold On Dark Web

    Recruiting Software Exposed 26M Resumes

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial