The main lesson from pandemic for businesses is to keep agile. One of the solutionsRead more
The main lesson from pandemic for businesses is to keep agile. One of the solutions was to change the work model, to protect their employees, allowing (or forcing) them to work from home, not from the office. It was possible mainly thanks to available cloud services like Office 365. But this change sprouted a lot of problems with the protection of business-sensitive data. It is proved that when it comes to business security, the biggest threat is human errors. So you might be surprised but not well enough educated employees may put your company’s data in danger – especially while working from home. How to protect then your remote Microsoft Office 365 data best?Read more
FreakOut is a new botnet observed by specialists from CheckPoint. It targets Linux systems running vulnerable versions of the TerraMaster OS for network-attached storage servers, web apps and services using the Zend Framework, and the Liferay Portal CMS. The largest number of hits was discovered in the USA and, to a lesser extent, European countries such as Germany and The Netherlands. More information can be found below…Read more
SolarWinds data breach every week returns like a boomerang – this time with SolarLeaks [.]net website, whose owners claim to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. And it seems there were the same attackers who abused one of Mimecast’s certificates to access M365 accounts… And it’s not the end of Microsoft’s problems described today…
What more? Capcom, game manufacturer and publisher (i.e. Resident Evil, Street Fighter) released a new update for their ransomware attack and data breach investigation. The incident was worse than initially thought…Read more
The massive SolarWinds breach still arouses discussions and controversy. Now it turns out that Microsoft source code was exposed. In the first article, we wonder what does it mean for users and organizations. What more? Babuk Locker – new year, new ransomware, PayPal smishing, and new victim identification technique.Read more
Welcome to the first monthly summary of 2021! The beginning of the new year is a perfect moment to make some resolutions, summaries, and reviews. Well… let’s find out what happened in the last few weeks at Xopero and what the future will bring us…Read more
In your company you probably use one of the two most popular SaaS (software-as-a-service) platforms to increase productivity. You use their email, work productivity tools, storage and many more. Do you already know what services we are talking about? Yes, Google G Suite and Microsoft Office 365.
Each of them provides your organization with essential tools, you might need for your team to work efficiently. As usual, there are advantages and disadvantages of each solution. And depending on your needs you can migrate your organization from one to another.
In this article, I will focus on migration from G Suite to Microsoft Office 365.Read more
Welcome to the next episode of the Xopero Security Center – the first one in 2021! But let’s make a small step back first and take a look at some of the most interesting news from the last week. Google has patched a bug in its feedback tool incorporated across its services which allowed attackers to see your private Google Docs documents. T-Mobile also got some problems – a second data leak in 2020, but this time from the CPNI system. The hosting giant Wasabi was also struggling. The cloud storage service has been knocked offline for 13 hours. And the last one… Cybersecurity specialists spotted a new multi-platform malware that transforms Windows and Linux servers into Monero miners. More details can be found below.Read more
SolarWinds backdoor and connected with it a recent supply-chain attack are one of the biggest cyber incidents we have witnessed in years. The compromised software channel was used to push out malicious updates onto 18,000 of their Orion platform customers. There is a new development in this case. Security specialists turned a malicious domain name used to control potentially thousands of computer systems into a kill switch. How it was done exactly? Well… check the newest episode of Xopero Security Center to find out more.Read more
As users in your organization work on their projects, they generate more and more data you probably want to protect. Microsoft provides a few tools to prevent data loss. One of these is Office 365 backup policies. In this article we will take a closer look at Microsoft Office 365 backup policies explaining how to set them up or how they can be used to reduce the probability of Office 365 data loss. Let’s start!Read more
The nature of the flaw in Microsoft Teams allows performing an attack in which the recipient of a message does not need to perform any sort of action – exploitation will occur just by reading it. And what comes as a real surprise is a fact that the zero-click remote code execution vulnerability did not receive a CVE. Considering how many companies rely on MS Teams as a collaboration software, it is extremely important that organizations prioritize patching this vulnerability. And not giving it a CVE sends a bad message.Read more