BootHole – the new security hole affects one of the most popular bootloader components in the market. The list of affected systems includes servers and workstations, laptops and desktops, and possibly a large number of Linux-based OT and IoT systems.
Xopero Blog
Prometei, the new botnet uses Windows SMB to mine Monero
Welcome to the next episode of the Xopero Security Center! This time we are sharing with you information about a recently discovered, complex Monero botnet named Prometei. Among other things, the new threat uses stolen credentials and also takes advantage of SMB exploits. Keep reading.
SIGRed: Wormable Remote Code Execution in Windows DNS Server
Researchers at Check Point discovered a 17-year-old wormable, critical vulnerability in the Windows DNS server – named SIGRed – that can be triggered by a malicious DNS response. Microsoft urges sysadmins to patch servers as quickly as possible.
Project Freta: will it make the cloud a place unsuitable for cyberattacks?
Project Freta is a cloud-based malware detection service announced by the Microsoft Research team. Malware, rootkits, cryptominers… Hard-to-detect threats lurking in cloud VM images should be much easier to reach and deal with. And Freta already supports over 4k Linux kernel versions. Let’s just say that it looks promising.
PAN-OS vulnerability can bypass authentication on NGFW devices
US Cyber Command has warned users to immediately patch the new critical vulnerability in PAN-OS. Is it really such a major security concern? A 10/10 CVSSv3 score means that you definitely should not waste any more time… Hacking groups are likely to start exploiting this bug soon.
Glupteba: malware is now armed with every trick you’ve heard of
Glupteba was first spotted in 2018. Now, after almost 2 years, the malware is still a serious threat. This is not just malware – it’s also a rootkit, security suppressor, virus, router attack tool, browser stealer, and cryptojacker…
Ripple20 affects hundreds of millions of devices
Welcome to the next episode of the Xopero Security Center! This time we are sharing security news about the Ripple20 vulnerability set, which affects a widely used low-level TCP/IP library. Researchers discovered 19 dangerous 0-days (sic!). Unfortunately, there is no easy solution. At least for now…
SMBleed vulnerability allows an attacker to leak kernel memory
Welcome to the next episode of the Xopero Security Center! There is a new SMB protocol vulnerability called SMBleed, tracked as CVE-2020-1206, which allows an attacker to leak kernel memory remotely, without any authentication. How can it be exploited? Check below.
Sign in with Apple got 0-day which allowed unauthorized access to third-party user accounts
Welcome to the next episode of the Xopero Security Center! This week we look at a bug in the Sign in with Apple service that could expose users to possible hacking and third-party account takeover.
StrandHogg 2.0, ComRAT and PonyFinal – three biggest cyberthreats of the week
Welcome to the next episode of the Xopero Security Center! The three biggest new cyberthreats show that attackers can be really adaptive. Gmail web interface used for command and control? Check. Human-operated ransomware attacks? Check. But let’s start with the newly discovered Android flaw which allows a large-scale StrandHogg 2.0 attack to be carried out.