Saturday , May 24 2025
Commvault

Commvault Confirms Its Azure Cloud Environment Breach via Zero-Day Attack

infosecbulletin 3 weeks ago Cyber Attack

Commvault confirmed that a sophisticated cyberattack exploiting a zero-day vulnerability breached its Azure cloud environment earlier this week.

On February 20, 2025, Microsoft notified Commvault of unauthorized activity in its Azure cloud environment.
Commvault announced its immediate response, activating incident protocols and involving leading cybersecurity experts and law enforcement.

Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

By infosecbulletin / Friday , May 23 2025
A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

184 Million Leaked Credentials Discovered in Open Database

By infosecbulletin / Friday , May 23 2025
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
184 Million Leaked Credentials Discovered in Open Database

Palo Alto Networks Warns of XSS Flaw: PoC Released

By infosecbulletin / Wednesday , May 21 2025
Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
Palo Alto Networks Warns of XSS Flaw: PoC Released

Pwn2Own Berlin reveals 29 critical vulns in major tech firms

By infosecbulletin / Wednesday , May 21 2025
Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
Pwn2Own Berlin reveals 29 critical vulns in major tech firms

High-Severity Flaw Hits Atlassian Jira Data Center

By infosecbulletin / Wednesday , May 21 2025
A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
High-Severity Flaw Hits Atlassian Jira Data Center

All major mobile networks go down across Spain

By infosecbulletin / Tuesday , May 20 2025
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
All major mobile networks go down across Spain

Researchers found 200 billion files exposed in cloud buckets

By infosecbulletin / Monday , May 19 2025
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
Researchers found 200 billion files exposed in cloud buckets

Bank server compromised using customer’s mobile, steal ₹11 crore

By infosecbulletin / Sunday , May 18 2025
Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
Bank server compromised using customer’s mobile, steal ₹11 crore

“InfoSecCon-2025″ held successfully promising cyber resilience

By infosecbulletin / Sunday , May 18 2025
"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
“InfoSecCon-2025″ held successfully promising cyber resilience

Intel PC, laptop and server processors affected for 6 years: Report

By infosecbulletin / Saturday , May 17 2025
A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data...
Read More
Intel PC, laptop and server processors affected for 6 years: Report

The statment reads, “On February 20, 2025, Microsoft notified us about unauthorized activity within our Azure environment by a suspected nation-state threat actor. We immediately activated our incident response plan with the assistance of leading cybersecurity experts and law enforcement.

Our investigation validated that unauthorized access affected a handful of customers and we promptly contacted them to provide assistance. Our investigation also confirmed there was no unauthorized access to any data that Commvault protects for any customer, and no impact on Commvault’s business operations or ability to deliver our products and services.

Action Taken
Our forensic investigation discovered that the threat actor exploited a zero-day vulnerability, which has been patched and we encourage our software customers to do the same. We also rotated affected credentials, continue to further harden our defenses and work with law enforcement.

Working Together
No company is immune to an attack. We believe that sharing information and working together makes us all more resilient. We thank Microsoft for their notification to us, our cybersecurity experts for their trusted partnership, and our customers for their responsiveness and resilience.”

This incident highlights the ongoing and changing nature of cyber threats facing cloud services and managed providers.

Commvault seeks to enhance transparency and encourage collaboration in cybersecurity by sharing details about the breach and its response.

Check Also

Hacker

Ransomware Attack On Biopharma : Hacker seeks $80k

Indian Pimpri Chinchwad police’s cyber cell is looking into a complaint where a hacker demanded …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin