CVE-2024-40711: Hackers Exploit Veeam Vulnerability to Deploy Frag Ransomware - #CVE-2024-40711
A series of articles have reported on the critical vulnerability CVE-2024-40711 in Veeam’s Backup & Replication software, with a severity score of 9.8, that allows unauthenticated remote code execution. This flaw has been actively exploited by ransomware groups, notably to deploy Akira, Fog, and a new ransomware called Frag, through compromised VPN gateways lacking multifactor authentication. Security researchers, including Florian Hauser, have emphasized the need for immediate patching and additional cybersecurity measures such as enabling multifactor authentication and isolating Veeam products from the internet. Organizations are being urged to apply the latest security patches and develop comprehensive incident response plans to mitigate these threats. Sophos X-Ops has reported on the continuous monitoring and blocking of these ransomware attacks, highlighting the evolving tactics of cybercriminals and the importance of robust endpoint protection.