Xopero Blog - Page 13 of 21 -

Dependency Confusion – a new cyberattack method takes advantage of open ecosystems

15 February 2021 xopero_blogger Security Center

A novel supply chain attack, called dependency confusion or a substitution attack, takes advantage of the open ecosystem that many businesses use as part of their app development process. And given that business apps have become increasingly important, any threat to the app development supply chain could potentially have huge implications. Found this short intro interesting? Then click and read the whole new episode of the Xopero Security Center.

Microsoft Office 365 applications overview

12 February 2021 Marek Szajduk Microsoft 365

Microsoft Office 365 suite is a service providing businesses with a package of productivity programs. This article will provide you with an Office 365 applications overview (now Microsoft 365). I will talk more precisely about Microsoft Office 365 applications offered in a package and a few more things correlated to the Microsoft 365 suite.

GitHub down – why backup GitHub?

10 February 2021 xopero_blogger Git Backup

Does your company use GitHub? And if so how do you protect your data there? You might be wondering why I’m asking that question when you consider GitHub as some sort of protection for your code. Well, you might be lucky enough to not see for yourself what exactly GitHub down means, but many users experienced problems with the service outage, and so will many do in the future. But there are some things you can do to ensure your data safety and accessibility when a failure occurs to GitHub. In this article, we will talk about why you need to protect your GitHub repos, and how to do it with a proper backup.

VMware ESXi flaws abused in the wild

8 February 2021 xopero_blogger Security Center

Researchers have warned of two VMware ESXi hypervisor flaws which allow ransomware groups encrypt virtual hard drives. Hackers have been launching attacks since October 2020. There is more technical details below.

Monthly summary: Backup Heroes / Xopero ONE webinar

5 February 2021 xopero_blogger News

Are you curious about what happened in the last few weeks at Xopero and what kind of activities we have prepared for you in the upcoming days? Well, check out our latest monthly summary – this is how January looked like…

Baron Samedit – the newest sudo bug gives attackers root-level access

1 February 2021 xopero_blogger Security Center

Baron Samedit is the newest major vulnerability impacting a large number of the Linux ecosystems. The bug is not a new development – it has been hiding in plain sight for nearly ten years. That’s quite a long time, fortunately, it has been patched already. More information will provide the article below.

How to protect your remote Microsoft Office 365 data

26 January 2021 Marek Szajduk Microsoft 365

The main lesson from pandemic for businesses is to keep agile. One of the solutions was to change the work model, to protect their employees, allowing (or forcing) them to work from home, not from the office. It was possible mainly thanks to available cloud services like Office 365. But this change sprouted a lot of problems with the protection of business-sensitive data. It is proved that when it comes to business security, the biggest threat is human errors. So you might be surprised but not well enough educated employees may put your company’s data in danger – especially while working from home. How to protect then your remote Microsoft Office 365 data best?

New FreakOut botnet targets Linux-based systems worldwide

25 January 2021 xopero_blogger Security Center

FreakOut is a new botnet observed by specialists from CheckPoint. It targets Linux systems running vulnerable versions of the TerraMaster OS for network-attached storage servers, web apps and services using the Zend Framework, and the Liferay Portal CMS. The largest number of hits was discovered in the USA and, to a lesser extent, European countries such as Germany and The Netherlands. More information can be found below…

SolarLeaks – a new chapter in the SolarWinds data breach

18 January 2021 xopero_blogger Security Center

SolarWinds data breach every week returns like a boomerang – this time with SolarLeaks [.]net website, whose owners claim to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. And it seems there were the same attackers who abused one of Mimecast’s certificates to access M365 accounts… And it’s not the end of Microsoft’s problems described today…

What more? Capcom, game manufacturer and publisher (i.e. Resident Evil, Street Fighter) released a new update for their ransomware attack and data breach investigation. The incident was worse than initially thought…

Ongoing SolarWinds breach / PayPal smshing / Babuk Locker

11 January 2021 xopero_blogger Security Center

The massive SolarWinds breach still arouses discussions and controversy. Now it turns out that Microsoft source code was exposed. In the first article, we wonder what does it mean for users and organizations. What more? Babuk Locker – new year, new ransomware, PayPal smishing, and new victim identification technique.