Monthly summary: GitProtect.io on GitHub Marketplace / Online Tour / DigitalAnarchist TV / New distribution

In the last summary, we warned you that here at Xopero a lot will be going on soon. And we were right. This is by far the hottest holiday in the history of Xopero! We managed to set off on a journey – we mean Xopero ONE Online Tour, a series of webinars about our brand new software’s possibilities and features. The timetable includes more stops! In July, we also managed to appear in two large marketplaces – GitHub and Rozetka. Oh, and we give the interview to the DigitalAnarchist broadcasting platform. 

Read more

How to recover deleted emails in Microsoft 365 with Xopero ONE

We live in a world of information and a lot of them circle in our emails. If you are a Microsoft 365 administrator, it’s only a matter of time before you are tasked with restoring deleted emails or other mailbox items. 

Although Microsoft provides you with some basic protection, you should additionally protect your emails by yourself. Email correspondence is an essential aspect of business operations, but an email message can be accidentally deleted. What else does put your Exchange data in danger? Cyberattack and losing email credentials as well as intentional deletion made by former employees.

In this article, we will look closer at what recovery options are provided by Microsoft, and how easily you can recover your email when you have Microsoft Office 365 backup solution.

Read more

BlackMatter & Haron – newborns or rebirths? / Apple urgent update / UBEL is the NEW Oscorp

Last week, the industry media reported on spectacular debuts or rebirths in the cybercriminal world. Do you remember our news from two weeks ago about the end of REvil? Well, we advised you to hold on with popping the champagne … The celebration was interrupted by the news about the emergence of two ransomware groups on the market – BlackMatter and Haron, which may turn out to be successors of REvil and Avaddon. And it’s not the end of big returns – Oscorp Android malware stealing data and funds from banking apps came back even stronger in a form of UBEL botnet. 

What else? If Apple calls for urgent updating of most devices just one week after a series of patches, know something is happening. In addition – a critical Hyper-V vulnerability, which received the infamous rating of 9.9 on a ten-grade threat scale!

Read more

File backup or image backup – what to choose?

In today’s world, there are many possible risks awaiting your data. Phishing attacks, accidental or intentional deletion of data, system errors, malicious hacker attacks. And many many more. Research says that the cost of 1 minute of IT infrastructure being down costs business from $926 to $17 244. That is why it is good to be well protected with a proper backup of your data. But when it comes to backup, which one to choose? File backup or image backup? In this article, we will take a closer look at where a file backup has its strengths and weaknesses, and where have those image backups are. Finally, I will try to answer your question about which to choose to best fit your needs.

Read more

Print driver with a 16-year-old bug / Sequoia / MosaicLoader / Malicious ChromePass

Today’s Security Center edition will make the temperature rise not only outside the window … but also among the owners of hundreds of millions of printers. A 16-year-old security bug found in HP, Xerox, and Samsung printers driver allows attackers to gain admin rights. But that’s not the end of the privilege escalation bugs. Other news should be of interest to Linux and Windows users, including all those waiting for the release of Windows 11 – this system has also been found vulnerable to a bug called Sequoia. What else? MosaicLoader malware and SEO poisoning attacks, and some interesting facts about ChromePass credential theft.

Read more

Joker malware / The end of REvil / New Windows Print Spooler vulnerability

There are a few disturbing “returns” in this Security Center release. Let’s start with Joker malware that has appeared again in Google Play. So far, 1,800 malicious applications have been removed from the marketplace. The new variant much more effectively avoids various types of security mechanisms – built into the device and Play Protect scanners as well. So be careful when installing new applications. Another interesting news … Media all over the world are wondering if this is the end of REvil. In recent days, the world’s largest ransomware gang has mysteriously disappeared from the web. The next weeks will show if it’s for good. As it turns out, the Windows Print Spooler problem is still up to date – this time with even worse repercussions. A new vulnerability – which Microsoft is warning about – could be exploited to perform unauthorized actions on the system. You can find the details below.

Read more

PrintNightmare security update / Kaseya attack crisis / WD got new 0-day

The PrintNightmare case definitely dominated the media during the last few days. There was a heated discussion as to whether the patch (released by Microsoft) solves the problem at all. Why such different opinions? The patch turned out to work against all known exploits, but it was not without its flaws. So if you are wondering if it is worth updating – yes, and do it as soon as possible. If there will be another patch release, you can definitely read about it in the Security Center.

Detailed information about the emergency security update – and other IT news – can be found below. Let’s start then.

Read more

Monthly summary: Xopero ONE On-Premise Premiere / Online Tour 2021

It was a long-awaited event  – and we do not mean holidays and summer trips. We couldn’t wait for the official release of Xopero ONE Backup & Recovery. And finally, we can announce it – the Xopero ONE On-Premise version is now available for download on our brand new website! This is of course the hottest news this summer, but along with the release, we are preparing a series of events and activities for you. Stay tuned! 

Read more

REvil got a new target – ESXi VMs / PrintNightmare / Critical bug in NETGEAR routers

Welcome to the Xopero Security Center. Do you remember Dell’s and WD My Book NAS’ stories from last week? Can today’s topics beat them? Let’s find out. There is a new and disturbing trend in the cybercriminal world. More and more hacker groups are migrating towards ESXi virtual machines. Now also REvil operators have prepared a Linux encryptor that is able to encrypt virtual resources. A new PoC exploit also made its (accidentally) debut on the internet. PrintNightmare, the new critical Windows RCE, runs at the highest privilege level. This means that it is capable to dynamically load third-party binaries. As you can see, the problem is quite serious. There has also been a discussion about the critical vulnerabilities in NETGEAR routers which could be reliably abused as a jumping-off point to compromise a network’s security and gain unfettered access. We also have some bad news for LinkedIn users – a new database with 700 million records has just hit the black market. Details can be found below.

Read more

WD My Book Live NAS under active attack – how to not end with the wiped up device

Welcome to the Xopero Security Center! Another ransomware news? No, not this time. However, data can be lost in more ways than one. For example, as a result of an unplanned factory restore. No more than half a week ago WD My Book NAS users fell victim to such a massive “update” or rather some form of a cyberattack. As always, more information can be found below. In this review: Dell is having a serious problem. The pre-installed firmware updater available on their computers may expose almost 30 million users or if you like – 128 models of this manufacturer’s devices, to attack. Also: Microsoft tracks a new BazaCall malware campaign using a fake call center to trick you, and Linux Marketplace bugs allow wormable attacks. Let’s begin.

Read more