This week’s coverage focuses on renewed spyware threats, Russian cyberattacks, critical vulnerabilities impacting Veam, SonicWall, D-Link and Yubi, and air-gapping might not be enough any more.
Predator Spyware Infrastructure Returns
Link: Cybersecurity News
The Predator spyware infrastructure has resurfaced, posing a significant threat to organizations worldwide. This sophisticated spyware is known for its ability to compromise devices and collect sensitive information.
Russian Military Hackers Attacking Critical Infrastructure
Links: Cybersecurity News Dark Reading
Russian military hackers have been actively targeting critical infrastructure in the US and allied countries. Federal agencies are warning organizations to bolster their defenses against this increased cyber threat.
Veeam Software Vulnerabilities Allow Remote Code Execution
Links: Cybersecurity News Bleeping Computer
Vulnerabilities in Veeam software have been identified that allow attackers to trigger remote code execution (RCE). This critical flaw impacts Veeam’s backup and replication software, making immediate patching essential.
New RAMBo Attack Steals Data Using RAM in Air-Gapped Computers
Link: Bleeping Computer
Researchers have uncovered a new attack method called RAMBo, which uses the RAM in air-gapped computers to steal sensitive data. This technique exploits electromagnetic signals emitted from RAM chips, posing a risk to high-security environments.
280 Android Apps Use OCR to Steal Cryptocurrency Credentials
Link: Ars Technica
A staggering 280 Android apps have been found using optical character recognition (OCR) to steal cryptocurrency credentials. These apps can capture sensitive information by scanning screen content, leading to theft of cryptocurrency from unsuspecting users.
SonicWall SSLVPN Access Control Flaw Exploited in Attacks
Link: Bleeping Computer
An access control flaw in SonicWall SSLVPN is now being actively exploited in attacks. This vulnerability allows attackers to bypass authentication, putting organizations using SonicWall VPNs at risk.
YubiKeys Clone Device Secret Keys
Link: Cybersecurity News
A newly discovered vulnerability allows attackers to clone YubiKeys by extracting secret keys. This flaw compromises the security of two-factor authentication devices, emphasizing the need for enhanced physical security measures.
D-Link Will Not Fix Four RCE Flaws in DIR-846W Routers
Link: Bleeping Computer
D-Link has announced that it will not fix four critical RCE flaws found in its DIR-846W routers, leaving users vulnerable to potential exploits. Users are encouraged to replace affected devices to protect their networks.
