The release of Veeam Backup & Replication v13 marks a pivotal evolution in Veeam’s platform strategy. At the heart of this release is the Veeam Software Appliance (VSA): a pre-hardened, Linux-based deployment model that redefines how backup infrastructure can be deployed, secured, and managed. This blog post dives into the technical innovations of the VSA, …
Tag: Hardening
Dec 26
Kerberos Authentication with Veeam v12
Kerberos Authentication with Veeam v12. NTLM authentication is still mandatory for communication between all Veeam infrastructure servers in v11. However, NTLM authentication is still required for communication between Veeam backup infrastructure servers (backup server, backup proxies, backup repositories, guest interaction proxies, log shipping servers, and mount servers). NTLM was subject to several known security vulnerabilities …
Oct 19
Conti initiates their attacks on Backup
Cyber groups (cartels) specifically target backup solutions in order to ensure that the victim has no other option except for paying the ransom. Conti group is particularly methodical in developing and implementing backup removal techniques (on-premise and cloud). The full analysis is available here (thanks to ADV INTEL) and is based on their actual proactive …
Feb 29
Hardening settings for Domain Controllers
Hi! Basically, default settings of Domain Controllers are not hardened. Every DC has by default the “Default Domain Controllers Policy” in place, but this GPO creates different escalation paths to Domain Admin if you have any members in Backup Operators or Server Operators for example. They can become Domain Admin. Start with replacing the “Default …
Follow me
