From Group-IB Blog, Patch or Peril, a Veeam Vulnerability Incident

Group-IB had published a blog concerning vulnerability CVE-2023-27532 was made public in March 2023 and subsequently patched by Veeam for versions 12/11a and later for Veeam Backup & Replication software, Group-IB’s Digital Forensics and Incident Response (DFIR) team recently observed a notable incident related to this vulnerability.

The blog provides an overview of the attacker’s tactics, techniques, and procedures (TTPs), from initial access via FortiGate SSL VPN to the impact of the ransomware. By reading this blog, readers will be better equipped to recognize and prevent similar threats in their own methods.