The Cuba ransomware group has attacked a critical infrastructure organization in the U.S. via a vulnerability in Veeam
The group used malicious tools from previous campaigns, as well as a new exploit for the Veeam vulnerability CVE-2023-27532
The vulnerability allows an attacker to access credentials stored in the configuration file on victim devices
The Cuba ransomware group has compromised more than 100 organizations globally and demanded more than $145 million in ransom
The group also attacked an IT integrator in Latin America in June
The group's most recent campaign targeted organizations in the U.S., Mexico, Guatemala, Honduras, El Salvador, the Dominican Republic, Costa Rica, Panama, Colombia, Ecuador and Chile
The Cuba ransomware group is financially motivated and continues to target entities in crucial sectors such as critical infrastructure