We continue to read that Cuba Ransomware attacks Veeam Backup servers that are unpatched, unmaintained, or outdated. The Cuba ransomware group is exploiting a bug in data backup software exposed in March, warn security experts. It’s even been claimed that they have added a new set of tools to their arsenal along with CVE-2023-27532, the …
Category: Vulnerability Management
Jun 15
2023 Ransomware Trends Report
According to the 2023 Ransomware Trends Report (Data Protection), 85% of organizations suffered at least one cyber attack in the preceding twelve months; an increase from 76% experienced in the prior year. To better understand the preparedness and recoverability of cyber attacks, an independent research firm conducted a blind survey of 1,200 unbiased IT leaders …
Jun 13
Critical FortiOS & FortiProxy – Heap buffer overflow Vulnerability
Critical FortiOS – FG-IR-23-097: Fortinet released security updates to address a heap-based buffer overflow vulnerability [CVE-2023-27997] in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. Hackers are actively exploiting the latest Fortinet’s FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors. Take immediate action and update to …
Mar 08
High Veeam Backup & Replication Vulnerability – CVE-2023-27532
Today, Veeam has released patches for Veeam Backup & Replication v11 and v12. A critical vulnerability (CVSSv3 7.5 – CVE-2023-27532) has been fixed and you should apply the patch as soon as possible. Unauthorized users may be able to request encrypted credentials from the Veeam Backup service, and therefore get access to the backup infrastructure. …
Feb 06
Ransomware solution for VMware ESX
Updated February 8, 2023. CISA has released a data recovery script dubbed “ESXiArgs-Recover” in order to help users who have been affected by the massive worldwide ESXiArgs ransomware server attacks on VMWare’s vSphere: GitHub. _________ Hacker group used a method that we encountered for the first time. A super-intelligence who thinks they can only get …