Veeam has identified a critical remote code execution (RCE) vulnerability (CVE-2024-40711) affecting its widely used Backup & Replication software. With a CVSS score of 9.8, this flaw allows unauthenticated attackers to execute arbitrary code, making it a prime target for ransomware operators. This vulnerability impacts VBR 12.1.2.172 and earlier versions. Given the role VBR plays in securing backup infrastructure, businesses must prioritize patching to avoid potentially devastating consequences, including data theft, backup deletions, or encryption by malicious actors. Past ransomware groups such as FIN7 and the Cuba ransomware gang have exploited VBR vulnerabilities, emphasizing the urgency of this update. If you are managing Veeam environments, ensure immediate patching to version 12.2.0.334 to secure your infrastructure. For further details, consult Veeam’s security advisory. https://lnkd.in/d54qevnH #Cybersecurity #Veeam #RCE #DataProtection #Backup #Ransomware #InfoSec #PatchNow
Mladen Komac’s Post
More Relevant Posts
-
🔒 Security FIRST For Your Business | Speaker | Author | Cyber Security Professional | Managing Principal 🇬🇧
Nothing is more serious than security issues with your backup! "Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. The most severe of the problems addressed is CVE-2024-40711, a critical (CVSS v3.1 score: 9.8) remote code execution (RCE) vulnerability on Veeam Backup & Replication (VBR) that can be exploited without authentication." #cybersecurity https://lnkd.in/g_PysKnm
Veeam warns of critical RCE flaw in Backup & Replication software
bleepingcomputer.com
-
Veeam Backup & Replication: urgent patch. Patch it!!! The most severe of the problems addressed is CVE-2024-40711, a critical (CVSS v3.1 score: 9.8) remote code execution (RCE) vulnerability on Veeam Backup & Replication (VBR) that can be exploited without authentication. VBR is used to manage and secure backup infrastructure for enterprises, so it plays a critical role in data protection. As it can serve as a pivot point for lateral movement, it is considered a high-value target for ransomware operators. Ransomware actors target the service to steal backups for double-extortion and delete/encrypt backup sets, so victims are left without recovery options. Cuba ransomware gang and FIN7, known to collaborate with Conti, REvil, Maze, Egregor, and BlackBasta, were observed targeting VBR vulnerabilities. #ransomware #backup https://lnkd.in/giWE6SAP
Veeam warns of critical RCE flaw in Backup & Replication software
bleepingcomputer.com
-
#Veeam has released software updates to address vulnerabilities in its Backup & Replication, Service Provider Console, and One software. The most severe vulnerability is tracked as CVE-2024-40711 and, when exploited, allows an attacker to remotely execute code. Administrators are advised to patch ASAP. #cybersecurity #vulnerabilitymanagement https://lnkd.in/eHxb8cf7
Veeam warns of critical RCE flaw in Backup & Replication software
bleepingcomputer.com
-
Award Winning CISO | vCISO | Keynote Speaker | TEDx Speaker | Cybersecurity | Business Continuity | Leadership | Nonprofit Founder @ Cyberchance | Fluent in English and Spanish
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. The most severe of the problems addressed is CVE-2024-40711, a critical (CVSS v3.1 score: 9.8) remote code execution (RCE) vulnerability on Veeam Backup & Replication (VBR) that can be exploited without authentication. VBR is used to manage and secure backup infrastructure for enterprises, so it plays a critical role in data protection. As it can serve as a pivot point for lateral movement, it is considered a high-value target for ransomware operators. Ransomware actors target the service to steal backups for double-extortion and delete/encrypt backup sets, so victims are left without recovery options.
Veeam warns of critical RCE flaw in Backup & Replication software
bleepingcomputer.com
-
Ootbi (Out-of-the-Box-Immutability) by Object First is an appliance designed specifically for Veeam customers that offers secure backups against ransomware threats. By leveraging Direct-to-Object Storage, Ootbi offers a modern backup process, embracing data security from the outset and achieving a 99.999999999% (11 nines) reliability level. Ootbi is also simple to deploy and manage, with quick configuration and easy-to-embrace GUI. If you're a Veeam customer, you need to know about Object First Ootbi, check out our full report here - https://lnkd.in/ggUuZEJD Object First Veeam Software #backup #ransomware #veeam
Object First Ootbi: Simple Ransomware-Proof Backups For Veeam
https://www.storagereview.com
-
Simple. Secure. Powerful. Our OOTBI really is all of the above, but don't just take our word for it; have a read of this amazing review from StorageReview.com #zerotrust
Object First Ootbi: Simple Ransomware-Proof Backups For Veeam
https://www.storagereview.com
-
Check out this fantastic review from StorageReview.com on our product, Ootbi! Their detailed analysis highlights the secure #backup capabilities against ransomware threats and the modern backup process it offers. Read the full report below to learn more about Ootbi's 99.999999999% reliability level and simple deployment for Veeam Software customers. 🤓 📈
Object First Ootbi: Simple Ransomware-Proof Backups For Veeam
https://www.storagereview.com
-
Very cool! Check out this review of Object First Ootbi from StorageReview.com below!
Object First Ootbi: Simple Ransomware-Proof Backups For Veeam
https://www.storagereview.com
-
Business Development Specialist | OpenText | Providing Cybersecurity, Data Protection, & Compliance Technology & Services
Veeam urges a swift patch for a critical bug in Veeam Backup Enterprise Manager (VBEM) that allows attackers to log into any account without a password. Rated 9.8/10 in severity, the flaw could open doors to ransomware. Disable services or uninstall VBEM if an upgrade isn’t feasible. Two other serious bugs were also patched. Switch to OpenText backup solutions for robust security and peace of mind. OpenText offers advanced protection to keep your data safe from threats. https://lnkd.in/gBdMRAgt
Veeam warns of critical Backup Enterprise Manager auth bypass bug
bleepingcomputer.com
-
🛠️ In September 2024, researchers discovered a critical vulnerability, CVE-2024-40711, in Veeam Backup & Replication. This vulnerability allows remote code execution (RCE) and is particularly attractive to ransomware operators. It affects version 12.1.2.172 and earlier. The flaw is tied to how Veeam handles deserialization, allowing attackers to exploit .NET Remoting services. #Cybersecurity #RCE

🚨 Code White GmbH reported the vulnerability, and a proof-of-concept demonstrated successful exploitation on an older version. Veeam has since patched this issue, but the fix is more complex than it initially seemed. Despite Veeam's advisory stating authentication was required for exploitation, it turns out that earlier versions allowed unauthenticated attacks. #Vulnerability #CyberThreats

🧑‍💻 While patch diffing between the versions, researchers found that over 2,600 files were changed, complicating the task of isolating the vulnerability. Veeam’s patch fixed multiple security issues, not just the one related to CVE-2024-40711, further obscuring the specific fix for the bug. #PatchManagement #Veeam

🔍 The vulnerability stems from a deserialization bug related to the .NET class System.Runtime.Remoting.ObjRef, which was added to Veeam’s blacklist in the patch. The issue is linked to Veeam’s custom .NET Remoting implementation that previously lacked sufficient security controls, allowing RCE through deserialized objects. #CyberDefense #DeserializationAttack

💻 Veeam’s use of a whitelist and blacklist in its deserialization process is key to understanding the vulnerability. Although the blacklist was updated, the system still permitted some unsafe deserialization processes. The bug reveals the complexity of securing custom implementations of .NET Remoting. #Infosec #SecurityUpdate

🔒 Despite Veeam’s efforts, researchers discovered that earlier versions (before 12.1.2.172) were still vulnerable to unauthenticated RCE, while the newer versions (12.1.2.172 and beyond) required authentication. This distinction wasn’t clear in Veeam's original advisory. #DataProtection #RansomwareDefense

🛡️ Veeam eventually patched the vulnerability in two stages, first addressing authentication requirements in version 12.1.2.172, and later fixing the deserialization bug in version 12.2.0.334. This patching process has raised questions about the vulnerability disclosure and patching timeline. #SecurityPatches #RiskManagement

📈 The case of CVE-2024-40711 highlights the importance of robust patch management and clear communication about security fixes. Enterprises using Veeam Backup & Replication are strongly advised to upgrade to the latest version to mitigate the risk of exploitation. #EnterpriseSecurity #VulnerabilityManagement
Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)
labs.watchtowr.com
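The whitelist-versus-blacklist point made in the post above applies to any deserializer that resolves type or callable names from untrusted input, not only to .NET Remoting. The following is an added illustration, not code from the post, the watchTowr write-up or Veeam's product: it uses Python's pickle module (standing in for the .NET case) to contrast a guard that denies a few known-dangerous modules with one that allows only the types the data model actually needs. The names BackupJob, Unexpected and unexpected_callable are constructed for the example; the "unexpected" payload only records that it was invoked.

```python
import io
import pickle
from dataclasses import dataclass


# Constructed sample type: the only object the receiving service legitimately expects.
@dataclass
class BackupJob:
    name: str
    repository: str
    retention_days: int


# Constructed, harmless module-level callable. It stands in for any callable a
# denylist author did not enumerate; all it does is record that it was called.
CALLS = []


def unexpected_callable(tag):
    CALLS.append(tag)
    return tag


class Unexpected:
    """Constructed object whose reduce hook resolves to a callable outside the data model."""

    def __reduce__(self):
        return (unexpected_callable, ("invoked during load",))


class DenylistUnpickler(pickle.Unpickler):
    """Blacklist approach: refuse a few known-dangerous modules, resolve everything else."""

    BLOCKED_MODULES = {"os", "subprocess", "sys"}

    def find_class(self, module, name):
        if module in self.BLOCKED_MODULES:
            raise pickle.UnpicklingError(f"blocked {module}.{name}")
        return super().find_class(module, name)


class AllowlistUnpickler(pickle.Unpickler):
    """Whitelist approach: resolve only the (module, name) pairs the data model requires."""

    ALLOWED = {(BackupJob.__module__, "BackupJob")}

    def find_class(self, module, name):
        if (module, name) not in self.ALLOWED:
            raise pickle.UnpicklingError(f"refused {module}.{name}")
        return super().find_class(module, name)


def load_with(unpickler_cls, data):
    """Deserialize `data` through the given guard; returns the object or raises UnpicklingError."""
    return unpickler_cls(io.BytesIO(data)).load()


def blocked(unpickler_cls, data):
    """True if the guard refused the payload, False if it resolved (and thus ran) it."""
    try:
        load_with(unpickler_cls, data)
        return False
    except pickle.UnpicklingError:
        return True


def demo():
    """Run both guards against a legitimate job record and the unexpected payload."""
    expected = BackupJob("nightly-vm", "repo01", 30)
    good = pickle.dumps(expected)
    bad = pickle.dumps(Unexpected())
    return {
        "denylist_accepts_good": load_with(DenylistUnpickler, good) == expected,
        # The denylist never heard of unexpected_callable, so it resolves it and it runs.
        "denylist_blocks_bad": blocked(DenylistUnpickler, bad),
        "allowlist_accepts_good": load_with(AllowlistUnpickler, good) == expected,
        # The allowlist refuses anything that is not BackupJob, so the callable never runs.
        "allowlist_blocks_bad": blocked(AllowlistUnpickler, bad),
    }


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The design choice worth noting is that the allowlist keys on the exact (module, name) pair rather than on a module prefix, so every resolvable name is one the data model explicitly needs; a denylist, by contrast, is only as complete as the list of gadgets its author already knows about, which is the gap the post describes.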