"ALPHV Ransomware Exploits Veritas Backup Exec Bugs for Initial Access"

An ALPHV/BlackCat ransomware affiliate was observed exploiting three Veritas Backup product vulnerabilities to gain initial network access. ALPHV emerged in December 2021 and is believed to be run by former members of the Darkside and Blackmatter programs that abruptly disbanded to avoid law enforcement pressure. Mandiant tracks the ALPHV affiliate as 'UNC4466' and notes that this intrusion technique deviates from the norm, which relies on stolen credentials. This article continues to discuss the exploitation of three Veritas Backup product vulnerabilities by an ALPHV/BlackCat ransomware affiliate for initial access. 

Bleeping Computer reports "ALPHV Ransomware Exploits Veritas Backup Exec Bugs for Initial Access"