Xopero Blog

Welcome to the next episode of the Xopero Security Center! This time we are sharing security news about the Ripple20 vulnerability set, which affects a widely used low-level TCP/IP library. Researchers discovered 19 dangerous 0-day (sic!). Unfortunately, there is no easy solution. At last for now…

Welcome to the next episode of the Xopero Security Center! There is a new SMB protocol vulnerability called SMBleed and tracked as CVE-2020-1206 which allows an attacker to leak kernel memory remotely, without any authentication. How can it be exploited? Check below.

Welcome to the next episode of the Xopero Security Center! This week we look at a bug in Sign in with Apple service that could expose users to possible hacking and third-party account takeover.

Welcome to the next episode of the Xopero Security Center! Three new biggest cyberthreats show that the attackers can be really adaptive. Gmail web interface used to command and control? Check. Human-operated ransomware attacks. Check. But let’s start with the newly discovered Android flaw which allows to carry on a large-scale StrandHogg 2.0 attack.

Welcome to the next episode of the Xopero Security Center! There is a curious case of… RagnarLocker ransomware. Its operators are running Oracle VirtualBox to hide its presence on infected computers inside a VM. Does it do the trick? Are they successful? Check below.

Welcome to the next episode of the Xopero Security Center! How to launch a cyberattack on devices equipped with Thunderbolt ports – even if the targeted device is locked and its drive encrypted? It looks like the attacker need only a short time window (physical access) a screwdriver and some portable hardware. But don’t be fooled, the ThunderSpy attack – which took years to develop – is really elegant.

Welcome to the next episode of the Xopero Security Center! There is new ransomware offered as a RaaS – named LockBit – that only needs a few hours to encrypt the entire network. This is really alarming – the faster it gets, the greater the chances the attackers will be not detected.

Welcome to the next episode of the Xopero Security Center! What a story! Seeing an animation can be enough to be impacted by a cyberattack. Fortunately, Microsoft has resolved security problems in Microsoft Teams that could have been used to take over user accounts – all with the help of a simple .GIF file. But let’s start from the beginning…

Welcome to the next episode of the Xopero Security Center! A team of academics discovered a new security bug that impacts FPGA chips used in data centers, IoT devices and many safety-critical applications today. What’s worse – it looks like there is no way to fix these issue. Houston, we have a problem…

Welcome to the next episode of the Xopero Security Center! The most crucial security updates of the week? There were few: Microsoft Patch Tuesday, Oracle and Adobe. There is also a critical bug in Google Chrome, so don’t forget to update. Coronavirus scams are still in the wide – be careful. And at last the secret behind xHelper – an unkillable Android backdoor – has been revealed.