Xopero Security Center – latest IT news

Welcome to the first episode of the Xopero Security Center. Bugs and zero-days? Security breaches? Deadly malwares? New phishing campaigns? Yes, and so much more. Get yourself up to date with everything that happened in the last seven days.

Tuesday, 31 March 2020

Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links (Source)
Personal details for the entire country of Georgia published online (Source)
Marriott Reports Data Breach Affecting Up to 5.2 Million Guests (Source)

Wednesday, 1 April 2020

Attackers Leverage Excel File Encryption to Deliver Malware (Source)
Microsoft is working on mitigating an entire Windows bug class (Source)
How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO (Source)
QR code generator scam steals thousands in Bitcoin (Source)
Millions of routers running OpenWRT vulnerable to attack (Source)
Hackers mining Monero on Microsoft SQL databases for last 2 years (Source)
Coronavirus ‘Financial Relief’ Phishing Attacks Spike (Source)
Coronavirus: Microsoft directly warns hospitals, ‘Fix your vulnerable VPN appliances’ (Source)

Thursday, 2 April 2020

Phishers Try “Text Direction Deception” Technique to Bypass Email Filters (Source)
There’s now COVID-19 malware that will wipe your PC and rewrite your MBR (Source)
Twitter discloses bug that cached private files sent or received via DMs (Source)

Friday, 3 April 2020

A hacker has wiped, defaced more than 15,000 Elasticsearch servers (Source)
COVID-19: Latest Security News & Commentar (Source)
Hacking forum gets hacked for the second time in a year (Source)

Saturday, 4 April 2020

Firefox Zero-Day Flaws Exploited in the Wild Get Patched (Source)
Bugs allowed hackers to hijack & activate Mac, iPhone cameras (Source)
Windows PCs exposed to attacks by critical HP Support Assistant bugs (Source)

Sunday, 5 April 2020

Docker servers targeted by new Kinsing malware campaign (Source)

See you on the next Monday
Xopero Security Center Team