Cyber Bits · · 2 min read

Cyber Bits: September 9

This week’s coverage focuses on renewed spyware threats, Russian cyberattacks, critical vulnerabilities impacting Veam, Sonicwall, Dlink and Yubi, and air-gapping might not be enough any more.

Cyber Bits: September 9

This week’s coverage focuses on renewed spyware threats, Russian cyberattacks, critical vulnerabilities impacting Veam, SonicWall, D-Link and Yubi, and air-gapping might not be enough any more.

Predator Spyware Infrastructure Returns

Link: Cybersecurity News

The Predator spyware infrastructure has resurfaced, posing a significant threat to organizations worldwide. This sophisticated spyware is known for its ability to compromise devices and collect sensitive information.

Russian Military Hackers Attacking Critical Infrastructure

Links: Cybersecurity News Dark Reading

Russian military hackers have been actively targeting critical infrastructure in the US and allied countries. Federal agencies are warning organizations to bolster their defenses against this increased cyber threat.

Veeam Software Vulnerabilities Allow Remote Code Execution

Links: Cybersecurity News Bleeping Computer

Vulnerabilities in Veeam software have been identified that allow attackers to trigger remote code execution (RCE). This critical flaw impacts Veeam’s backup and replication software, making immediate patching essential.

New RAMBo Attack Steals Data Using RAM in Air-Gapped Computers

Link: Bleeping Computer

Researchers have uncovered a new attack method called RAMBo, which uses the RAM in air-gapped computers to steal sensitive data. This technique exploits electromagnetic signals emitted from RAM chips, posing a risk to high-security environments.

280 Android Apps Use OCR to Steal Cryptocurrency Credentials

Link: Ars Technica

A staggering 280 Android apps have been found using optical character recognition (OCR) to steal cryptocurrency credentials. These apps can capture sensitive information by scanning screen content, leading to theft of cryptocurrency from unsuspecting users.

SonicWall SSLVPN Access Control Flaw Exploited in Attacks

Link: Bleeping Computer

An access control flaw in SonicWall SSLVPN is now being actively exploited in attacks. This vulnerability allows attackers to bypass authentication, putting organizations using SonicWall VPNs at risk.

YubiKeys Clone Device Secret Keys

Link: Cybersecurity News

A newly discovered vulnerability allows attackers to clone YubiKeys by extracting secret keys. This flaw compromises the security of two-factor authentication devices, emphasizing the need for enhanced physical security measures.

Link: Bleeping Computer

D-Link has announced that it will not fix four critical RCE flaws found in its DIR-846W routers, leaving users vulnerable to potential exploits. Users are encouraged to replace affected devices to protect their networks.

Read next

Cyber Bits: November 25
Cyber Bits ·

Cyber Bits: November 25

Welcome to this week's edition of Cyber Bits, where we cover the latest in malware campaigns, advanced persistent threats, data breaches, vulnerabilities in enterprise systems from Fortinet and Palo Alto, and the economic impact of cyberattacks. Here's what you need to know this week:

Cyber Bits: October 21
Cyber Bits ·

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Cyber Bits: October 14
Cyber Bits ·

Cyber Bits: October 14

In this weeks Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, qualified personnel gaps in cloud and cyber, and how to build cyber resilience for SMB's.