Fix Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40175)

Veeam released the hotfix for the vulnerability in Veeam Backup Enterprise Manager, allowing attackers to bypass the authentication while performing a Man-in-the-Middle (MITM) attack.

How to Upgrade Veeam Backup for Microsoft 365 to v8

      No Comments on How to Upgrade Veeam Backup for Microsoft 365 to v8

Veeam released a version of Veeam Backup for Microsoft 365 v8 on September 11, 2024, and includes Immutable backups with the ability to store on any object storage, Enterprise scale and efficiency delivered by Veeam Proxy Pools, Backup for private and shared Teams channels, and Linux-based backup proxies…

How to Upgrade Veeam Backup and Replication Console to v12.2.0.334

To gain remote access to Veeam Backup & Replication v12.2.0.334, you must first upgrade the Veeam Backup & Replication console to v12.2.0.344 on a dedicated machine.

Upgrade Veeam Backup and Replication Console to v12.1.2.172

To gain remote access to Veeam Backup & Replication v12.1.2.172, you must first upgrade the Veeam Backup & Replication console to v12.12.172 on a dedicated machine.

How to upgrade Veeam Backup Enterprise Manager to v12.2.0.334

Veeam released Backup & Replication v12.2.0.334 on August 28, 2024.
Veeam Backup & Replication 12.2 is the newer build of version 12, and the major new features and enhancements were added in Veeam Backup & Replication v12.2.

How to upgrade Veeam Backup Enterprise Manager to v12.1.2.172

Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
Veeam Backup Enterprise Manager (VBEM)
CVE-2024-29849 | Severity: Critical (9.8)
This vulnerability in VBEM allows an unauthenticated attacker to log in to the VBEM web interface as any user.
CVE-2024-29850 | Severity: High (8.8)
This Vulnerability in VBEM allows account takeover via NTLM relay.
CVE-2024-29851 | Severity: High (7.2)
This vulnerability in VBEM allows a high-privileged user to steal the NTLM hash of the VBEM service account if that service account is anything other than the default Local System account.
CVE-2024-29852 | Severity: Low (2.7)
This vulnerability in VBEM allows high-privileged users to read backup session logs.

How to upgrade Veeam Backup and Replication to v12.1.2.172

Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.

How to Configure Custom Safe Links Policies in Microsoft Defender for Office 365

Safe Links is a feature in Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or ATP) that helps protect your organization from malicious hyperlinks in email messages. When an email contains a hyperlink, Safe Links checks the URL against a list of known malicious links. If the link is safe, the user can access the website normally. However, if the link is malicious, Safe Links blocks access to the website and alerts the user and administrators.

Migrate Physical Machine to Microsoft Failover Cluster

Let’s walk through the steps to perform a Physical to Virtual machine (P2V) conversion using Veeam Backup and Replication (VBR) to migrate a physical server to a Cluster virtual machine.

How to create custom Safe Attachments policies in Microsoft Defender for Office 365

In Microsoft Defender for Office 365, Safe Attachments is a feature that helps protect your organization from malicious email attachments. It automatically scans email attachments for potential threats, such as malware or viruses, before delivering them to recipients’ mailboxes.

How to create a Custom Quarantine Policy in Microsoft Deferent for Office 365

Creating a custom quarantine policy in Microsoft Defender for Office 365 involves configuring advanced threat protection settings to protect your organization’s email environment.

How to use the Microsoft Defender portal to assign Strict preset security policies to users

Strict preset security policies typically refer to predefined rules and guidelines designed to enhance security measures within an organization or system. These policies safeguard sensitive data, prevent unauthorized access, and mitigate potential security threats.

How to use the Microsoft Defender portal to assign Standard preset security policies to users

Microsoft Defender for Office 365 provides preset security policies to help organizations protect their Office 365 environment from various threats. These preset policies are designed to offer baseline protection and can be customized according to the organization’s specific requirements.

Microsoft Defender for Office 365-Find the Domain Name of the Trusted ARC Sealers from the Message Header

An email message internet header is a metadata set containing information about the sender, recipient, routing, and delivery of an email. It can help you find the domain name of the trusted ARC sealers. The domain name must match the domain specified in the d value of the ARC-Seal and ARC-Message-Signature headers in affected messages.

Microsoft Defender for Office 365-Configure trusted ARC sealers email authentication for Microsoft 365 Custom domains

Authenticated Received Chain (ARC) is a mechanism used in email authentication protocols to address the issues of message forwarding and intermediary handling of emails. It is designed to improve the reliability and security of email authentication systems like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).

Microsoft Defender for Office 365 – Configure DMARC email authentication for Microsoft 365 Custom Domains

Domain-based Message Authentication, Reporting, and Conformance (DMARC) builds upon SPF and DKIM to give domain owners greater control over how recipient servers handle their email messages. With DMARC, domain owners can specify policies instructing recipient servers on how to handle emails that fail SPF or DKIM checks. DMARC also enables domain owners to receive reports on email authentication results, allowing them to monitor and improve their email security posture.