Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)
Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly upgrade to a fixed version.
FBI: Free file converter sites and tools deliver malware
Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned earlier this month.
How healthcare CISOs can balance security and accessibility without compromising care
In this Help Net Security interview, Sunil Seshadri, EVP and CSO at HealthEquity, talks about the growing risks to healthcare data and what organizations can do to stay ahead.
Malicious ads target Semrush users to steal Google account credentials
Cyber crooks are exploiting users’ interest in Semrush, a popular SEO, advertising, and market research SaaS platform, to steal their Google account credentials.
RansomHub affiliate leverages multi-function Betruger backdoor
A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered.
Moving beyond checkbox security for true resilience
In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative have warned on Tuesday.
How financial institutions can minimize their attack surface
In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions.
Stealthy StilachiRAT steals data, may enable lateral movement
While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat.
Review: Cybersecurity Tabletop Exercises
Packed with real-world case studies and practical examples, Cybersecurity Tabletop Exercises offers insights into how organizations have successfully leveraged tabletop exercises to identify security gaps and enhance their incident response strategies.
IntelMQ: Open-source tool for collecting and processing security feeds
IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol.
The rise of DAST 2.0 in 2025
SAST’s initial promise of proactive security testing for security teams, quickly established itself as a fundamental problem for developers due to its extreme noise.
NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)
A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited.
Pay, fight, or stall? The dilemma of ransomware negotiations
In this Help Net Security video, Kurtis Minder, CEO at GroupSense, takes us inside the world of ransomware negotiations.
The hidden risk in SaaS: Why companies need a digital identity exit strategy
In the face of sudden trade restrictions, sanctions, or policy shifts, relying on SaaS providers outside your region for identity services is a gamble that companies can no longer afford to take.
How AI and automation are reshaping security leadership
The contemporary SOC is transforming as it starts to realize the benefits of GenAI and utilize the manifestations of autonomous agentic AI, according to Tines.
5 pitfalls that can delay cyber incident response and recovery
The responsibility of cyber incident response falls squarely on the shoulders of the CISO. And many CISOs invest heavily in technical response procedures, tabletop exercises and theoretical plans only to find out that when an actual breach strikes the organization is not as prepared as it should be.
Hackers target AI and crypto as software supply chain risks grow
The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according to a ReversingLabs report.
Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK
Advanced Data Protection (ADP) secures iCloud data with end-to-end encryption. This ensures that no one, not even Apple, can access the encrypted data, which remains secure even in the event of a cloud bre
Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates
Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience.
Cybersecurity jobs available right now: March 18, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field, with opportunities available both in the USA and around the world.
Report: The State of Secrets Sprawl 2025
GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% year-over-year increase.
New infosec products of the week: March 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks.