"Feds Warn of Rise in Attacks Involving Veeam Software Flaw"

Federal authorities have warned the healthcare industry about a rise in cyberattacks against Veeam's backup application. The attacks appear to be linked to the March disclosure of a high-severity vulnerability in the vendor's software. The vulnerability, tracked as CVE-2023-27532, exposes Veeam Backup and Replication (VBR)-stored encrypted credentials. According to a recent alert from the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center (HHS HC3), its exploitation could lead to unauthorized access to backup infrastructure hosts. These intrusions may result in data theft or ransomware deployment. The issue affects all versions of the Veeam software, which backs up, replicates, and restores data on Virtual Machines (VMs). The software supports transaction-level restores of Oracle and Microsoft SQL databases, according to HHS HC3. In addition to backing up and recovering VMs, VBR is also used to protect and restore individual files and applications for environments such as Microsoft Exchange and SharePoint, which are used in the healthcare and public health sector, making the threat significant. This article continues to discuss the healthcare sector facing a rise in cyberattacks on VBR. 

DataBreachToday reports "Feds Warn of Rise in Attacks Involving Veeam Software Flaw"