Researchers have warned of two VMware ESXi hypervisor flaws which allow ransomware groups encrypt virtual hard drives. Hackers have been launching attacks since October 2020. There is more technical details below.Read more
Are you curious about what happened in the last few weeks at Xopero and what kind of activities we have prepared for you in the upcoming days? Well, check out our latest monthly summary – this is how January looked like…Read more
Baron Samedit is the newest major vulnerability impacting a large number of the Linux ecosystems. The bug is not a new development – it has been hiding in plain sight for nearly ten years. That’s quite a long time, fortunately, it has been patched already. More information will provide the article below.Read more
The main lesson from pandemic for businesses is to keep agile. One of the solutions was to change the work model, to protect their employees, allowing (or forcing) them to work from home, not from the office. It was possible mainly thanks to available cloud services like Office 365. But this change sprouted a lot of problems with the protection of business-sensitive data. It is proved that when it comes to business security, the biggest threat is human errors. So you might be surprised but not well enough educated employees may put your company’s data in danger – especially while working from home. How to protect then your remote Microsoft Office 365 data best?Read more
FreakOut is a new botnet observed by specialists from CheckPoint. It targets Linux systems running vulnerable versions of the TerraMaster OS for network-attached storage servers, web apps and services using the Zend Framework, and the Liferay Portal CMS. The largest number of hits was discovered in the USA and, to a lesser extent, European countries such as Germany and The Netherlands. More information can be found below…Read more
SolarWinds data breach every week returns like a boomerang – this time with SolarLeaks [.]net website, whose owners claim to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. And it seems there were the same attackers who abused one of Mimecast’s certificates to access M365 accounts… And it’s not the end of Microsoft’s problems described today…
What more? Capcom, game manufacturer and publisher (i.e. Resident Evil, Street Fighter) released a new update for their ransomware attack and data breach investigation. The incident was worse than initially thought…Read more
The massive SolarWinds breach still arouses discussions and controversy. Now it turns out that Microsoft source code was exposed. In the first article, we wonder what does it mean for users and organizations. What more? Babuk Locker – new year, new ransomware, PayPal smishing, and new victim identification technique.Read more
Welcome to the first monthly summary of 2021! The beginning of the new year is a perfect moment to make some resolutions, summaries, and reviews. Well… let’s find out what happened in the last few weeks at Xopero and what the future will bring us…Read more
In your company you probably use one of the two most popular SaaS (software-as-a-service) platforms to increase productivity. You use their email, work productivity tools, storage and many more. Do you already know what services we are talking about? Yes, Google G Suite and Microsoft Office 365.
Each of them provides your organization with essential tools, you might need for your team to work efficiently. As usual, there are advantages and disadvantages of each solution. And depending on your needs you can migrate your organization from one to another.
In this article, I will focus on migration from G Suite to Microsoft Office 365.Read more
Welcome to the next episode of the Xopero Security Center – the first one in 2021! But let’s make a small step back first and take a look at some of the most interesting news from the last week. Google has patched a bug in its feedback tool incorporated across its services which allowed attackers to see your private Google Docs documents. T-Mobile also got some problems – a second data leak in 2020, but this time from the CPNI system. The hosting giant Wasabi was also struggling. The cloud storage service has been knocked offline for 13 hours. And the last one… Cybersecurity specialists spotted a new multi-platform malware that transforms Windows and Linux servers into Monero miners. More details can be found below.Read more