Category: Security Center

Welcome to the next episode of the Xopero Security Center – the first one in 2021! But let’s make a small step back first and take a look at some of the most interesting news from the last week. Google has patched a bug in its feedback tool incorporated across its services which allowed attackers to see your private Google Docs documents. T-Mobile also got some problems – a second data leak in 2020, but this time from the CPNI system. And the last one… Cybersecurity specialists spotted a new multi-platform malware that transforms Windows and Linux servers into Monero miners. More details can be found below.

SolarWinds backdoor and connected with it a recent supply-chain attack are one of the biggest cyber incidents we have witnessed in years. The compromised software channel was used to push out malicious updates onto 18,000 of their Orion platform customers. There is a new development in this case. Security specialists turned a malicious domain name used to control potentially thousands of computer systems into a kill switch. How it was done exactly? Well… check the newest episode of Xopero Security Center to find out more.

The nature of the flaw in Microsoft Teams allows performing an attack in which the recipient of a message does not need to perform any sort of action – exploitation will occur just by reading it. And what comes as a real surprise is a fact that the zero-click remote code execution vulnerability did not receive a CVE. Considering how many companies rely on MS Teams as a collaboration software, it is extremely important that organizations prioritize patching this vulnerability. And not giving it a CVE sends a bad message.

Welcome to the next episode of Xopero Security Center. This time we are taking a good look into the Xanthe malware. Cisco Talos recently discovered a campaign affecting Linux systems employing a multi-modular botnet that uses various methods to spread across the network. How does it infect vulnerable infrastructures exactly? Check below.

Blackrota is a malicious backdoor written in the Go language that exploits a security bug in the Docker Remote API. Obfuscated malware written in Go is rare. What’s more, the obfuscation method of Blackrota creates new challenges for reverse analysis. More information regarding this new threat can be found below.

Jupyter malware is the newest threat in the wild. It is a trojan info stealer which also possesses full backdoor functionality. According to researchers at Morphisec, the malware campaign started off in May 2020. Since then, they tracked down a few different variants of Jupyter. The campaign goes on…. so beware.

Platypus is a novel software-based power side-channel attack on Intel server, desktop and laptop CPUs. Using this technique attacker could be able to extract secrets from a device, like cryptographic keys. How does it work exactly? Check our newest Security Center issues.

Welcome to the next episode of the Xopero Security Center! This time we shed some light on RegretLocker. This new ransomware is quite a sophisticated threat. It uses advanced techniques to compromise Windows virtual machines first, then encrypts virtual hard drives. How exactly? Check below.

Google continues to struggle with keeping bad apps off Play marketplace. This time researchers have discovered malicious gaming apps packed with a new threat from HiddenAds malware family. Apps were downloaded 8 million… Yes, definitely – Google is still struggling with its marketplace security.

Welcome to the next episode of the Xopero Security Center! GravityRAT is no longer just a Windows malware. New samples had revealed that the last variation targets also Android and iOS devices. What does it mean for cybersecurity professionals? Before we answer that… There is a new Chrome 0-day under active attacks. Check the news below.