Tag: backup
-
CoffeeLoader: A Brew of Stealthy Techniques
IntroductionZscaler ThreatLabz has identified a new sophisticated malware family that we named CoffeeLoader, which originated around September 2024. The purpose of the malware is to download and execute second-stage payloads while evading detection by endpoint-based security products. The malware uses numerous techniques to bypass security solutions, including a specialized packer that utilizes the GPU, call…
-
Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server
Users of the Veeam Backup Server have encountered a significant issue following the Windows 11 24H2 update. Specifically, the update has disrupted the connection between Veeam Recovery Media and the Veeam Backup Server. This problem affects users who have created recovery media from Windows 11 version 24H2 (build 26100.3194) or higher. When attempting to restore…
-
Redcurl-Ransomware attackiert Hypervisoren
Eine neue Ransomware-Attacke der bekannten Gruppe Cyberkrimineller richtet sich gezielt auf Hypervisoren anstatt auf Endpunkte. So wollen die Angreifer lange unentdeckt bleiben und zugleich einen maximalen Schaden anrichten. Das belegt eine Bitdefender-Labs-Analyse der ersten digitalen Erpressung von Redcurl. Neben DLL-Sideloading und bösartigem Malware-Code kommen vor allem legitime Tools für Living-of-the-Land-Attacken (LOTL) zum Einsatz. Backups […]…
-
Neue VanHelsing-Ransomware breitet sich rasant aus
Tags: authentication, backup, blockchain, dark-web, encryption, extortion, governance, government, linux, ransomware, service, usa, windowsDas neue Ransomware-Programm VanHelsing zielt auf Windows-, Linux-, BSD-, ARM- und ESXi-Systeme.Das neue RaaS-Projekt namens VanHelsing wurde erstmals am16. März von Forschern von CYFIRMA entdeckt, als Angreifer es für Verschlüsselung und doppelte Erpressung nutzten. Da es für Ziele der Gemeinschaft Unabhängiger Staaten (GUS) verboten ist, gehen die Security-Spezialisten davon aus, dass die Hintermänner aus Russland…
-
World Backup Day: Data backup insufficient to protect against cyber attacks
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/world-backup-day-data-backup-insufficient-protection-cyber-attacks
-
New VanHelsing ransomware claims three victims within a month
Tags: access, authentication, backup, blockchain, control, encryption, government, network, ransom, ransomware, service, windowsSophisticated affiliate program: VanHelsing is a refined ransomware written in C++ and, based on the compilation timestamp observed by Check Point, had claimed its first victim on the same day it got spotted by CYFIRMA.”The ransomware accepts multiple command-line arguments that control the encryption process, such as whether to encrypt network and local drives or…
-
World Backup Day: Datensicherung zum Schutz vor Cyber-Angriffen unzureichend
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/world-backup-day-datensicherung-cyber-angriffe
-
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks
Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data”, demonstrating how built-in security isn’t always enough. Don’t let threats persist in your cloud data. Strengthen your defenses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hidden-threats-how-microsoft-365-backups-store-risks-for-future-attacks/
-
BigQuery-Backups: Warum Unternehmen ihre Datenstrategie überdenken sollten
Obwohl BigQuery als leistungsstarkes Data Warehouse von Google gilt, schützt es nicht automatisch vor Datenverlusten ein weit verbreitetes Missverständnis. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/bigquery-backups-warum-unternehmen-ihre-datenstrategie-ueberdenken-sollten/a40223/
-
Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup Replication RCE vulnerability fixed, patch ASAP! … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/23/week-in-review-veeam-backup-replication-rce-fixed-free-file-converter-sites-deliver-malware/
-
CISA warnt vor NAKIVO Backup Replication-Schwachstelle
Setzt jemand aus der Leserschaft NAKIVO Backup & Replication zur Datensicherung ein? Die US Cybersicherheitsbehörde CISA hat eine Warnung bezüglich einer Schwachstelle in dieser Lösung veröffentlicht. Administratoren sollten die neuesten Sicherheitsupdates einspielen. NAKIVO Backup & Replication Ich habe mal kurz nachgesehen, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/22/cisa-warnt-vor-nakivo-backup-replication-schwachstelle/
-
Channel Brief: ConnectWise Strengthens Asio With Backup, Cybersecurity
First seen on scworld.com Jump to article: www.scworld.com/news/channel-brief-connectwise-strengthens-asio-with-backup-cybersecurity
-
CISA marks NAKIVO’s critical backup vulnerability as actively exploited
Tags: access, advisory, backup, cisa, ciso, cloud, cybersecurity, exploit, kev, mitigation, network, service, update, vulnerabilityCISOs advised to push for immediate patching: CISA has advised immediate federal and civilian patching of the flaw. For the Federal Civilian Executive Branch (FCEB) agencies, the US cybersecurity watchdog has stipulated a patching deadline of April 19, 2025, in accordance with the BOD 22-01 directive.”Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance…
-
NAKIVO Backup Replication vulnerability exploited by attackers (CVE-2024-48248)
A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/21/nakivo-backup-replication-vulnerability-exploited-by-attackers-cve-2024-48248/
-
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120, exploit weaknesses in deserialization mechanisms, potentially allowing any domain user to gain SYSTEM access to Veeam backup servers. This is particularly concerning for organizations that have integrated their Veeam servers into their Active Directory domains.…
-
Critical remote code execution flaw patched in Veeam backup servers
Tags: backup, cve, exploit, flaw, framework, programming, rce, remote-code-execution, risk, update, veeam, vulnerabilityWhy black lists are bad: Application developers have gotten in the habit of mitigating deserialization risks by creating blacklists of classes that could be dangerous when deserialized, and as watchTowr explains, this was also Veeam’s approach when addressing CVE-2024-40711. However, history has shown that blacklists are rarely complete.”Blacklists (also known as block-lists or deny-lists) are…
-
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/veeam-rce-bug-lets-domain-users-hack-backup-servers-patch-now/
-
CISA tags NAKIVO backup flaw as actively exploited in attacks
CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO’s Backup & Replication software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tags-nakivo-backup-flaw-as-actively-exploited-in-attacks/
-
Veeam patches critical 9.9 flaw in backup and replication product
First seen on scworld.com Jump to article: www.scworld.com/news/veeam-patches-critical-99-flaw-in-backup-and-replication-product
-
Veeam fixed critical Backup Replication flaw CVE-2025-23120
Veeam released security patches for a critical Backup & Replication vulnerability that could let attackers remotely execute code. Veeam addressed a critical security vulnerability, tracked as CVE-2025-23120 (CVSS score of 9.9), impacting its Backup & Replication software that could lead to remote code execution. The vulnerability impacts 12.3.0.310 and all earlier version 12 builds, it was…
-
Veeam Update Patches Critical Backup Software Vulnerability
‘Real Danger’ Alert for Unpatched Veeam Servers Attached to a Production Domain. Widely used Veeam Backup & Replication software has been patched to fix a critical vulnerability that could be abused to remotely exploit malicious code. Security experts recommend rapid patching, given ransomware and other groups’ repeated targeting of the software. First seen on govinfosecurity.com…
-
CISA Warns of Exploited Nakivo Vulnerability
CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list. The post CISA Warns of Exploited Nakivo Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-exploited-nakivo-vulnerability/
-
CVE-2024-48248: High-Severity NAKIVO Flaw Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency has identified a significant security flaw affecting NAKIVO Backup Replication software, adding it to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation in the wild. The vulnerability, tracked as CVE-2024-48248… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/nakivo-backup-software-flaw-exploited/
-
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution.The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds.”A vulnerability allowing remote code execution (RCE) by authenticated domain…
-
Veeam Patches Critical Vulnerability in Backup Replication
Veeam has released patches for a critical-severity remote code execution vulnerability in Backup Replication. The post Veeam Patches Critical Vulnerability in Backup Replication appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/veeam-patches-critical-vulnerability-in-backup-replication/
-
Critical Veeam Backup Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)
Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup Replication solution, and is urging … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/20/critical-veeam-backup-replication-rce-vulnerability-cve-2025-23120/
-
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to First seen on…
-
CISA Warns of NAKIVO Backup Flaw Exploited in Attacks with PoC Released
Tags: attack, backup, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability in the NAKIVO Backup and Replication software, known as CVE-2024-48248. This vulnerability allows attackers to exploit an absolute path traversal flaw, enabling them to read arbitrary files without authentication. The vulnerability resides in the Director Web Interface of the…
-
Critical Veeam Backup Replication Vulnerability Allows Remote Execution of Malicious Code
Tags: backup, cve, cvss, cyber, malicious, remote-code-execution, risk, software, veeam, vulnerabilityA critical vulnerability in Veeam Backup & Replication software has been disclosed, posing a significant risk to users. This vulnerability, identified as CVE-2025-23120, allows remote code execution (RCE) by authenticated domain users. The severity of this issue is underscored by a CVSS v3.1 score of 9.9, indicating a high level of risk. The vulnerability has…
-
Veeam Backup Replication RCE-Schwachstelle CVE-2025-23120
Nutzer von Veeam Backup & Replication müssen reagieren. Der Anbieter Veeam hat zum 19. März 2025 über eine Remote Code Execution (RCE) Schwachstelle CVE-2025-23120 in verschiedenen Versionen des genannten Produkts informiert. Es gibt Sicherheitsupdates, um diese Schwachstelle zu schließen. Die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/19/veeam-backup-replication-rce-schwachstelle-cve-2025-23120/