Microsoft is pressing customers to install emergency patches as soon as possible. So far, there is only one highly skilled hacker group actively exploiting the vulnerabilities – named Hafnium – but the situation could change at any time. The best protection against this attack will be applying new patches now, not tomorrow or one week from today. More information about MS Exchange zero-days can be found below.
Read moreHere in Poland, February has been freezing – so to warm up a bit, we are in a hurry to bring you hot news and a summary of our activities during the past month. Check them out!
Read moreBeing able to transfer data between users easily, is key in running a successful business. So any program that allows you to do it can give you an advantage. One of such program is OneDrive for Business provided by Microsoft. If it’s so widely used, should you consider backup OneDrive for business? OneDrive for Business is a cloud service allowing your users to store data, synced, and access it from any device they log on to. This service offers great opportunities to improve your teams’ productivity. Allowing users to share files and collaborate on them in real time. But all those pros, unfortunately, can be neglected if someone outside your company gains access to the user account. In this article, we will take a closer look at the risks involved in using OneDrive for business in your company, and how you can increase protection against those risks with a proper third-party solution for OneDrive data protection.
Read moreAfter multiple proof-of-concept exploit scripts of VMware RCE new bug were published on GitHub, hackers started mass scanning for vulnerable Internet-exposed servers. The company patched the critical vulnerability already, but thousands of unpatched vCenter servers are still reachable over the Internet. This is a serious problem. It does look like this is the last moment for a safe update. More information about vCenter vulnerability can be found below.
Read moreMassLogger malware has come back in a new variant which is much more powerful than the old spyware that has attacked the Windows platform for years. (Brand)New and better? Yes. We are dealing with a Trojan horse that tries to steal usernames and passwords from Microsoft Outlook, the Thunderbird email client, and password managers built into Google Chrome, Mozilla Firefox, Microsoft Edge and other browsers. Have you got any suspicious-looking email? Better never open it. Want to find out more about MassLogger? Check the article below for more information.
Read moreBitbucket is considered a proven, secure Git repository management solution used by millions of companies worldwide. However, as in most services, there are moments of Bitbucket down. You might be lucky to not see for yourself what Bitbucket down means, but trust me – some other companies already experienced service outages or other problems, and more will. If you don’t want to join a group of users affected by Bitbucket problems, you might want to consider bringing in an additional layer of security in the form of a proper backup. In this article, we will talk about why you need one, and generally about why you should protect your Bitbucket repositories.
Read moreA novel supply chain attack, called dependency confusion or a substitution attack, takes advantage of the open ecosystem that many businesses use as part of their app development process. And given that business apps have become increasingly important, any threat to the app development supply chain could potentially have huge implications. Found this short intro interesting? Then click and read the whole new episode of the Xopero Security Center.
Read moreMicrosoft Office 365 suite is a service providing businesses with a package of productivity programs. This article will provide you with an Office 365 applications overview (now Microsoft 365). I will talk more precisely about Microsoft Office 365 applications offered in a package and a few more things correlated to the Microsoft 365 suite.
Read moreDoes your company use GitHub? And if so how do you protect your data there? You might be wondering why I’m asking that question when you consider GitHub as some sort of protection for your code. Well, you might be lucky enough to not see for yourself what exactly GitHub down means, but many users experienced problems with the service outage, and so will many do in the future. But there are some things you can do to ensure your data safety and accessibility when a failure occurs to GitHub. In this article, we will talk about why you need to protect your GitHub repos, and how to do it with a proper backup.
Read moreResearchers have warned of two VMware ESXi hypervisor flaws which allow ransomware groups encrypt virtual hard drives. Hackers have been launching attacks since October 2020. There is more technical details below.
Read more