Veeam released the hotfix for the vulnerability in Veeam Backup Enterprise Manager, allowing attackers to bypass the authentication while performing a Man-in-the-Middle (MITM) attack.
Veeam released a version of Veeam Backup for Microsoft 365 v8 on September 11, 2024, and includes Immutable backups with the ability to store on any object storage, Enterprise scale and efficiency delivered by Veeam Proxy Pools, Backup for private and shared Teams channels, and Linux-based backup proxies…
The release version of Veeam ONE 12.2 is available on August 28th, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.2 build.
The release version of Veeam ONE 12.2 is available on August 28th, 2024. You can download it at:
https://www.veeam.com/products/veeam-data-platform/monitoring-analytics.html
To gain remote access to Veeam Backup & Replication v12.2.0.334, you must first upgrade the Veeam Backup & Replication console to v12.2.0.344 on a dedicated machine.
To gain remote access to Veeam Backup & Replication v12.1.2.172, you must first upgrade the Veeam Backup & Replication console to v12.12.172 on a dedicated machine.
Veeam released Backup & Replication v12.2.0.334 on August 28, 2024.
Veeam Backup & Replication 12.2 is the newer build of version 12, and the major new features and enhancements were added in Veeam Backup & Replication v12.2.
Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
Veeam Backup Enterprise Manager (VBEM)
CVE-2024-29849 | Severity: Critical (9.8)
This vulnerability in VBEM allows an unauthenticated attacker to log in to the VBEM web interface as any user.
CVE-2024-29850 | Severity: High (8.8)
This Vulnerability in VBEM allows account takeover via NTLM relay.
CVE-2024-29851 | Severity: High (7.2)
This vulnerability in VBEM allows a high-privileged user to steal the NTLM hash of the VBEM service account if that service account is anything other than the default Local System account.
CVE-2024-29852 | Severity: Low (2.7)
This vulnerability in VBEM allows high-privileged users to read backup session logs.
Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
Safe Links is a feature in Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or ATP) that helps protect your organization from malicious hyperlinks in email messages. When an email contains a hyperlink, Safe Links checks the URL against a list of known malicious links. If the link is safe, the user can access the website normally. However, if the link is malicious, Safe Links blocks access to the website and alerts the user and administrators.
Let’s walk through the steps to perform a Physical to Virtual machine (P2V) conversion using Veeam Backup and Replication (VBR) to migrate a physical server to a Cluster virtual machine.
In Microsoft Defender for Office 365, Safe Attachments is a feature that helps protect your organization from malicious email attachments. It automatically scans email attachments for potential threats, such as malware or viruses, before delivering them to recipients’ mailboxes.
Creating a custom quarantine policy in Microsoft Defender for Office 365 involves configuring advanced threat protection settings to protect your organization’s email environment.
Strict preset security policies typically refer to predefined rules and guidelines designed to enhance security measures within an organization or system. These policies safeguard sensitive data, prevent unauthorized access, and mitigate potential security threats.
Microsoft Defender for Office 365 provides preset security policies to help organizations protect their Office 365 environment from various threats. These preset policies are designed to offer baseline protection and can be customized according to the organization’s specific requirements.
An email message internet header is a metadata set containing information about the sender, recipient, routing, and delivery of an email. It can help you find the domain name of the trusted ARC sealers. The domain name must match the domain specified in the d value of the ARC-Seal and ARC-Message-Signature headers in affected messages.
Authenticated Received Chain (ARC) is a mechanism used in email authentication protocols to address the issues of message forwarding and intermediary handling of emails. It is designed to improve the reliability and security of email authentication systems like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
Domain-based Message Authentication, Reporting, and Conformance (DMARC) builds upon SPF and DKIM to give domain owners greater control over how recipient servers handle their email messages. With DMARC, domain owners can specify policies instructing recipient servers on how to handle emails that fail SPF or DKIM checks. DMARC also enables domain owners to receive reports on email authentication results, allowing them to monitor and improve their email security posture.