<ul><li>A critical flaw, CVE-2024-40711, in Veeam Backup & Replication has been exploited to deploy Frag ransomware.</li><li>Sophos researchers warned about the exploitation of the vulnerability, which allowed the creation of rogue accounts and malware deployment.</li><li>Veeam released security updates in September 2024, fixing 18 high and critical severity flaws. The most severe one was the CVE-2024-40711 impacting Veeam Backup & Replication.</li><li>Threat actors exploited the Veeam vulnerability to spawn net.exe and create a local account named 'point' to deploy ransomware such as Fog and Akira. Sophos recently found instances of Frag ransomware being deployed through the same exploit.</li></ul>

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Discover more