How to Register a Service Provider’s Veeam Data Cloud Vault on a Tenant's VBR Server

Legacy Functionality This article explains a method relevant only to Veeam Backup& Replication 13.0.1.1071 and older. Starting in Veeam Backup & Replication 13.0.1.2067, the backup server authorization now communicates directly with Veeam Data Cloud VDC, removing the need to be a License Admin...

Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715)

Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...

Linux Hardened Repository Unable to Update Immutability or Remove Restore Points due to SGID

Article Applicability The errors in this article may occur for other reasons, this article is specifically relevant to a situation in which these errors occur because the folder where the backup files are stored has an SGID Set-Group ID configured. Example: backupsvc@rhel9$ ls -l total 1 drwxr-s...

Veeam Backup and Replication Credentials Dump

This module exports and decrypts credentials from Veeam Backup & Replication and Veeam ONE Monitor Server to a CSV file; it is intended as a post-exploitation module for Windows hosts with either of these products installed. The module supports automatic detection of VBR / Veeam ONE and is capabl...

VSPC 5 fails to collect Monthly License Usage Report from VBR v11a

Article Applicability The issue described in this article is specific to Veeam Service Provider Console v5 without Patch 4 installed. Challenge Monthly License Usage Report cannot be collected from Veeam Backup & Replication servers running version 11a. Cause The license usage data generated by...

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang also called Double Gun, which has been behind several attacks since 2017 aimed at...

UBUNTU-CVE-2015-8026

Heap-based buffer overflow in the verifyvbrchecksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service infinite loop or possibly execute arbitrary code via a crafted filesystem...

DEBIAN-CVE-2015-8026

Heap-based buffer overflow in the verifyvbrchecksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service infinite loop or possibly execute arbitrary code via a crafted filesystem...

Persistent Financial Malware 'Nemesis' Targets Boot Record

A group of attackers are behind a strain of payment card malware that has bootkit functionality, something that makes it very difficult to detect, much less remove. “FIN1,” the group behind the malware, appears to be based in Russia, according to researchers at both FireEye and Mandiant who...

Thriving Beyond The Operating System: Financial Threat Group Targets Volume Boot Record

In September, Mandiant Consulting identified a financially motivated threat group targeting payment card data using sophisticated malware that executes before the operating system boots. This rarely seen technique, referred to as a ‘bootkit’, infects lower-level system components making it very...

Veeam Backup & Replication Upgrade Paths

Tenants of Veeam Cloud Service Providers If your Veeam Backup & Replication installation is connected to a Veeam Cloud Service Provider, contact your Service Provider before upgrading to ensure that the intended upgrade will not break compatibility. A tenant cannot be on a newer version of Veeam...