Xopero Blog

Alien malware is a newly discovered banking trojan with an advanced ability to bypass two-factor authentication (2FA). There is more than 200 mobile apps imitated by this new threat including Bank of America and Microsoft Outlook. More about the Alien malware you can find below.

Last month Microsoft patched Zerologon – one of the most severe bugs ever reported to the company. A flaw could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers. The vulnerability received 10 CVSS points, but details were never made public. Users and IT administrators never knew how dangerous the issue really was. More information can be found below.

Web skimming attacks are an ongoing threat to e-Commerce. But Baka skimmer with seven C&C servers and while using an XOR cipher to obfuscate its code pose a major security issue for merchants and their customers alike.

Welcome to the next episode of the Xopero Security Center! KryptoCibule is a new, 3 in 1threat for cryptocurrency owners! It has managed to stay under the radar for almost two years! In the first article of our IT news review, we take a closer look at this malware’s evolution. Ready for more?

Welcome to the next episode of the Xopero Security Center! Autodesk 3ds Max – a very popular software used by architects has a serious flaw. Recently, it was exploited by an advanced hackers-for-hire group. The attack hit an architecture company involved in luxury real-estate projects worth billions of dollars. What more?

Welcome to the next episode of the Xopero Security Center! Researchers at Guardicore Lab have discovered a new and very interesting botnet – named FritzFrog – that uses unusually advanced measures to infect servers and corral them into a peer-to-peer network. Keep reading.

If you are using TeamViewer, make sure you’re running its latest version. The newest release includes a patch for the serious vulnerability which could allow attackers to steal your system password and eventually compromise it. More about CVE 2020-13699 vulnerability you can find below.

Essentially, bad actors could abuse the Microsoft Teams Updater – an update mechanism – to download any malicious binary files from Comand-and-Control Servers.

BootHole – the new security hole affects one of the most popular bootloader components in the market. The list of affected systems includes servers and workstations, laptops and desktops, and possibly a large number of Linux-based OT and IoT systems.

Welcome to the next episode of the Xopero Security Center! This time we are sharing with you information about recently discovered a complex Monero botnet, named Prometei. Among other things, the new threat is using stolen credentials and also takes advantage of SMB exploits. Keep reading.