Welcome to the newest episode of the Xopero Security Center. What is a threat of the week this time? FragAttacks vulnerabilities have been part of Wi-Fi since its release in 1997. This means that most devices produced during the last 24 years are vulnerable to the attack. How severe is this new threat? To uncover this true check the whole post below.
Read moreIn today’s Security Center, we revolve around big numbers. We will start with… Dell. The popular computer vendor has a serious problem. Due to a bug that is over 12 years old, millions of users are vulnerable to attack. 2nd: nearly 30% of all mobile phones can become the “entry point” for a more complex attack. The culprit? The Qualcomm’s Mobile Station Modem. 3rd: 21 serious vulnerabilities were detected in Exim mail servers. They are a kind of package, so they also got a collective name – 21Nails. Are they really the proverbial final nails in the coffin? Check for yourself. In this issue, we also describe the apps – downloaded more than 100 million times – with the hard-coded Amazon Web Services private keys. At this point, we can only say that the risk of cyber attacks is really high. Hungry for knowledge? Then please, go ahead and read the rest.
Read moreMany SMS scams are mostly focused on phishing and trying to trick the user into filling in a form with valuable credentials, FluBot differs from these threats and goes one step ahead. This new banking malware – described in today’s Security Center issue – tries to install malicious software on the phone itself and then uses the device to spread into the user’s contact network. And even if the success rate of this campaign will be low, with the number of SMS being sent out, it will be very profitable for threat actors. Who is behind this most ‘successful’ smishing campaign? How dangerous the FluBot really is? Check the blog post below – and don’t click on any suspicious link or download applications from unreliable sources.
Read moreWhether you already use Microsoft Exchange Online, or still considering it, there is one thing you need to be prepared for – to backup office 365 emails. You might think that Microsoft protection is enough for your needs, but the fact is that in case of disaster on the client-side Microsoft takes no responsibility for the data you store. That also applies to all your emails which as the main communication channel in your company includes confidential information, documents and your business secrets. In this article, we will take a look at why you should backup office 365 emails, and how to do it with Xopero Software.
Read moreHaving a backed up copy of your data, allows having them recovered, in case of emergency. But when to create that copy? How often to perform a backup? Do you need to backup every day? In this article we’ll talk about backup strategies – FIFO scheme and GFS scheme.
Read moreWhen we were preparing this Security Center issue, none of us thought that the new campaign which targets QNAP NAS devices is going to escalate in a such way. In just five days, attackers using only the 7zip archive program remotely encrypted QNAP NAS devices – with Qlocker ransomware – from all over the world. How was it possible? Threat actors scanned for devices connected to the Internet and exploited them using the recently disclosed vulnerabilities. More information about these security bugs can be found below.
Read moreIn the last blog post we covered full, incremental, and differential backup. In this one, we will talk about backup types which are a variance of them: forever incremental, synthetic, reverse incremental.
Read moreAndroid users have new reasons to worry… again. About a week ago, we provided information about the FlixOnline application which operators were able to successfully bypass the application authentication system in the Google Play Store. This time we report two serious bugs found in WhatsApp. They enable the so-called ‘man-in-the-disk’ attack. What is it exactly? Attackers are able to manipulate the data exchanged between the application and external memory. Details can be found below.
Read moreGitHub, Bitbucket or GitLab? What to choose? For some businesses, especially those for which code as intellectual property is the most valuable asset, the security of code hosting and version control service aspect might be a decision-maker. In this article, we take a closer look at GitHub security.
Read moreFull copy, incremental copy, differential copy… today we are going to talk about different backup types. We will start from absolute basics, but more experienced in that field reader should be able to find something interesting as well.
Read more