Hackers target vulnerable Veeam backup servers exposed online
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. [...]
Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.
Search across headline titles and summaries.
Background for this topic.
A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.
Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. [...]
Invicti's Patrick Vandenberg joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the latest global threat report.
The U.S. Cybersecurity Infrastructure Security Agency (CISA) and the FDA have issued an urgent alert about two vulnerabilities that impact Illumina's Universal Copy Service (UCS), used for DNA sequencing in medical facilities and labs worldwide. [...]
The lack of understanding around open source poses a threat when legislation is considered. Governments can help by offering funding to help remediate vulnerabilities and supporting in open source's long-term development.
Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. [...]
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. [...]
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions. [...]
Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. [...]
More than 2,000 global organizations — including Fortune 1,000 companies — are at risk to reflective DDoS attacks that exploit a vulnerability discovered in the legacy Internet protocol.
A malicious actor with local admin privileges could exploit the vulnerability to escape from the VM
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and execute commands. [...]
Bug has potential to facilitate 2200x amplification attacks
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution
VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution
Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals.
The report found that ninety-seven percent of security vulnerabilities labeled as "critical" could actually be deprioritized.
Two out of three public-facing app instances open to hijacking Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code.…
VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors. [...]
If you have the product, but you haven't patched - well, the crooks have now landed, so please don't delay. Do it today...