Masslogger comeback – a new and powerful variant steals Outlook and Chrome credentials

MassLogger malware has come back in a new variant which is much more powerful than the old spyware that has attacked the Windows platform for years. (Brand)New and better? Yes. We are dealing with a Trojan horse that tries to steal usernames and passwords from Microsoft Outlook, the Thunderbird email client, and password managers built into Google Chrome, Mozilla Firefox, Microsoft Edge and other browsers. Have you got any suspicious-looking email? Better never open it. Want to find out more about MassLogger? Check the article below for more information.

Read more

Dependency Confusion – a new cyberattack method takes advantage of open ecosystems

A novel supply chain attack, called dependency confusion or a substitution attack, takes advantage of the open ecosystem that many businesses use as part of their app development process. And given that business apps have become increasingly important, any threat to the app development supply chain could potentially have huge implications. Found this short intro interesting? Then click and read the whole new episode of the Xopero Security Center.

Read more

New FreakOut botnet targets Linux-based systems worldwide

FreakOut is a new botnet observed by specialists from CheckPoint. It targets Linux systems running vulnerable versions of the TerraMaster OS for network-attached storage servers, web apps and services using the Zend Framework, and the Liferay Portal CMS. The largest number of hits was discovered in the USA and, to a lesser extent, European countries such as Germany and The Netherlands. More information can be found below…

Read more

SolarLeaks – a new chapter in the SolarWinds data breach

SolarWinds data breach every week returns like a boomerang – this time with SolarLeaks [.]net website, whose owners claim to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. And it seems there were the same attackers who abused one of Mimecast’s certificates to access M365 accounts… And it’s not the end of Microsoft’s problems described today…

What more? Capcom, game manufacturer and publisher (i.e. Resident Evil, Street Fighter) released a new update for their ransomware attack and data breach investigation. The incident was worse than initially thought…

Read more

T-Mobile second 2020 data leak / Google Docs not so private…

Welcome to the next episode of the Xopero Security Center – the first one in 2021! But let’s make a small step back first and take a look at some of the most interesting news from the last week. Google has patched a bug in its feedback tool incorporated across its services which allowed attackers to see your private Google Docs documents. T-Mobile also got some problems – a second data leak in 2020, but this time from the CPNI system. The hosting giant Wasabi was also struggling. The cloud storage service has been knocked offline for 13 hours. And the last one… Cybersecurity specialists spotted a new multi-platform malware that transforms Windows and Linux servers into Monero miners. More details can be found below.

Read more

SolarWinds backdoor got a kill switch – there is still about 18k potential victims

SolarWinds backdoor and connected with it a recent supply-chain attack are one of the biggest cyber incidents we have witnessed in years. The compromised software channel was used to push out malicious updates onto 18,000 of their Orion platform customers. There is a new development in this case. Security specialists turned a malicious domain name used to control potentially thousands of computer systems into a kill switch. How it was done exactly? Well… check the newest episode of Xopero Security Center to find out more.

Read more

New Microsoft Teams flaw is a big security concern – then what has gone wrong, Microsoft?

The nature of the flaw in Microsoft Teams allows performing an attack in which the recipient of a message does not need to perform any sort of action – exploitation will occur just by reading it. And what comes as a real surprise is a fact that the zero-click remote code execution vulnerability did not receive a CVE. Considering how many companies rely on MS Teams as a collaboration software, it is extremely important that organizations prioritize patching this vulnerability. And not giving it a CVE sends a bad message.

Read more