US Cyber Command has warned users to immediately patch the new critical vulnerability in PAN-OS. Is it really such a major security concern? 10/10 CVSSv3 score means that you definitely should not waste any more time… Hacking groups are likely to start exploiting this bug soon.
Read moreGlupteba has been first spotted in 2018. Now after almost 2 years, malware is still a serious threat. This is not just a malware – it’s also a rootkit, security suppressor, virus, router attack tool, browser stealer, and cryptojacker…
Read moreWelcome to the next episode of the Xopero Security Center! This time we are sharing security news about the Ripple20 vulnerability set, which affects a widely used low-level TCP/IP library. Researchers discovered 19 dangerous 0-day (sic!). Unfortunately, there is no easy solution. At last for now…
Read moreWelcome to the next episode of the Xopero Security Center! There is a new SMB protocol vulnerability called SMBleed and tracked as CVE-2020-1206 which allows an attacker to leak kernel memory remotely, without any authentication. How can it be exploited? Check below.
Read moreWelcome to the next episode of the Xopero Security Center! This week we look at a bug in Sign in with Apple service that could expose users to possible hacking and third-party account takeover.
Read moreWelcome to the next episode of the Xopero Security Center! Three new biggest cyberthreats show that the attackers can be really adaptive. Gmail web interface used to command and control? Check. Human-operated ransomware attacks. Check. But let’s start with the newly discovered Android flaw which allows to carry on a large-scale StrandHogg 2.0 attack.
Read moreWelcome to the next episode of the Xopero Security Center! There is a curious case of… RagnarLocker ransomware. Its operators are running Oracle VirtualBox to hide its presence on infected computers inside a VM. Does it do the trick? Are they successful? Check below.
Read moreWelcome to the next episode of the Xopero Security Center! How to launch a cyberattack on devices equipped with Thunderbolt ports – even if the targeted device is locked and its drive encrypted? It looks like the attacker need only a short time window (physical access) a screwdriver and some portable hardware. But don’t be fooled, the ThunderSpy attack – which took years to develop – is really elegant.
Read moreWelcome to the next episode of the Xopero Security Center! There is new ransomware offered as a RaaS – named LockBit – that only needs a few hours to encrypt the entire network. This is really alarming – the faster it gets, the greater the chances the attackers will be not detected.
Read moreWelcome to the next episode of the Xopero Security Center! What a story! Seeing an animation can be enough to be impacted by a cyberattack. Fortunately, Microsoft has resolved security problems in Microsoft Teams that could have been used to take over user accounts – all with the help of a simple .GIF file. But let’s start from the beginning…
Read more