HC3 warns of Veeam software vulnerability targeting encrypted credentials

Unauthenticated users can exploit a vulnerability in Veeam Backup & Replication software to gain access to a network and obtain encrypted credentials, warns Veeam Software. The Health Sector Cybersecurity Coordination Center advises healthcare organizations to update their systems and patch vulnerabilities to prevent cyberattacks. The software is used to protect and restore individual files and applications, making it a significant threat in the healthcare sector. FIN7, a financially motivated cybercrime group, has been identified in recent attacks on Veeam servers. Organizations are encouraged to implement multifactor authentication to prevent stolen credentials from being used.