Tag Archive for: run

Site run by cyber criminals behind Fulton County ransomware attack taken over


International officials believe they have gotten to the bottom of a cyberattack in Fulton County.

On Monday, a website belonging to a group of accused cyber criminals who claimed responsibility for the ransomware incident in Fulton County was taken down by the National Crime Agency of the UK.

The international law enforcement group working in conjunction with the FBI says they will report more information about the takeover on Feb. 20.

Lockbit website reportedly taken over by The National Crime Agency of the UK. This screenshot was taken on Feb. 19, 2024.

What Fulton County systems are impacted by the cyberattack?

Officials say the cyberattack in late January affected the county’s phone system, court system, tax system and jailhouse.

“A number of our primary technology platforms are affected by this incident,” Fulton County Board of Commissioners Chairman Robb Pitts said. Two weeks later, officials revealed that the attack may have been financially motivated.

Was my personal information compromised during Fulton County ransomware attack?

Fulton County did not say what information hackers might have, but according to a screenshot from the alleged hacking group’s website posted on social media, it might include confidential documents and personal data of citizens.

Last week, the Lockbit group threatened to release the data they stole.

The hackers gave Fulton County until Feb. 16 to pay a ransom. FOX 5 Atlanta reached out to determine whether it was paid, but has not received an answer.

“If we determine sensitive personal information was involved in this incident, we will notify those parties in accordance with legal requirements,” Pitts said.

The county says the investigation is ongoing and warns the situation is not unique to Fulton County.

“Incidents like these are on the rise across the United States and the world, particularly in local governments and we at Fulton County are no exception,” Pitts said.

In the meantime, Fulton County officials say they are working to strengthen…


Opera found a significant security flaw that could have allowed hackers to run any file they want – but it says everything is now fine


UPDATE: Opera has published a response to the reports, claiming that the flaw is no longer active and has been addressed.

“There is no evidence that the vulnerability was ever exploited, and Opera users’ security was never compromised as a result,” it said. “It’s also important to note that, as mentioned above, the vulnerability would require the installation of a malicious add-on in order to work. This would be very hard to accomplish on Opera, because we employ manual review in our add-ons store – another measure we take to protect users.”


Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows


Jan 15, 2024 | Newsroom | Vulnerability / Browser Security

Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system.

The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage of a feature called My Flow that makes it possible to sync messages and files between mobile and desktop devices.

“This is achieved through a controlled browser extension, effectively bypassing the browser’s sandbox and the entire browser process,” the company said in a statement shared with The Hacker News.

The issue impacts both the Opera browser and Opera GX. Following responsible disclosure on November 17, 2023, it was addressed as part of updates shipped on November 22, 2023.

My Flow features a chat-like interface to exchange notes and files, the latter of which can be opened via a web interface, meaning a file can be executed outside of the browser’s security boundaries.


It is pre-installed in the browser and facilitated by means of a built-in (or internal) browser extension called “Opera Touch Background,” which is responsible for communicating with its mobile counterpart.

This also means that the extension comes with its own manifest file specifying all the required permissions and its behavior, including a property known as externally_connectable that declares which other web pages and extensions can connect to it.


In the case of Opera, the domains that can talk to the extension should match the patterns “*.flow.opera.com” and “.flow.op-test.net” – both controlled by the browser vendor itself.

“This exposes the messaging API to any page that matches the URL patterns you specify,” Google notes in its documentation. “The URL pattern must contain at least a second-level domain.”

Guardio Labs said it was able to unearth a “long-forgotten” version of the My Flow landing page hosted on the domain “web.flow.opera.com” using the urlscan.io website scanner tool.
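The trust boundary that externally_connectable draws can be audited directly from a manifest. The following is an added example, not code from Opera, Guardio Labs or the article: the manifest is constructed, the scheme and path parts of the patterns are assumptions (the article gives only host patterns), and the function names are hypothetical.

```javascript
// Constructed manifest for illustration; not Opera's real manifest.
const sampleManifest = {
  name: "Example Background Extension",
  externally_connectable: {
    matches: [
      "https://*.flow.opera.com/*", // wildcard subdomain (host pattern from the article)
      "https://app.example.com/*",  // single pinned host
      "http://*.example.net/*",     // wildcard subdomain over cleartext HTTP
    ],
  },
};

// Split a match pattern into scheme and host; null if it is malformed.
function parsePattern(pattern) {
  const m = /^(\*|https?):\/\/([^/]+)\/.*$/.exec(pattern);
  return m ? { scheme: m[1], host: m[2] } : null;
}

// True when a page at `url` may message the extension under `pattern`.
function patternAllows(pattern, url) {
  const p = parsePattern(pattern);
  if (!p) return false;
  const u = new URL(url);
  const scheme = u.protocol.slice(0, -1);
  if (scheme !== "http" && scheme !== "https") return false;
  if (p.scheme !== "*" && p.scheme !== scheme) return false;
  if (p.host.startsWith("*.")) {
    // "*.example.com" covers example.com and every host beneath it.
    const base = p.host.slice(2);
    return u.hostname === base || u.hostname.endsWith("." + base);
  }
  return u.hostname === p.host;
}

// One finding per way a pattern widens who can reach the messaging API.
function auditManifest(manifest) {
  const matches = (manifest.externally_connectable || {}).matches || [];
  const findings = [];
  for (const pattern of matches) {
    const p = parsePattern(pattern);
    if (!p) { findings.push({ pattern, issue: "malformed" }); continue; }
    if (p.host.startsWith("*."))
      findings.push({ pattern, issue: "wildcard-subdomain" });
    if (p.scheme !== "https")
      findings.push({ pattern, issue: "non-https-scheme" });
  }
  return findings;
}
```

Every "wildcard-subdomain" finding means each host under that domain, including ones no longer maintained, is trusted to message the extension, so the list doubles as an inventory of domains whose subdomains need review.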


“The page itself looks quite the same as the current one in production, but changes lie under the hood: Not only that it…


Avira Antivirus Is Causing Windows PCs To Run So Hard They Freeze Up, Fix Available


One of the telltale signs that your PC has become ill with a virus is an unexpected slowdown in performance. Various forms of malware can sometimes feast on your system’s resources, whether it’s a hidden cryptocurrency miner, keylogger, or something else. Ironically, a recent update to Avira’s antivirus software is having the same effect on PCs, with users reporting system freezes in Windows.

The issue came to light this week in a post on Reddit. A user who goes by “kiiniiwiinii” reported that their PC had suddenly begun freezing up, which prompted them to start disabling background apps one by one, until only Avira remained running.

“Two other people I know had the same issue (both have Avira). Fixed it by going into safe startup and uninstalling Avira. This along with the game booster (that we didn’t enable) causing lag (took forever to figure out the cause) and the horrible support, I will be cancelling my subscription and keeping Avira uninstalled,” the user wrote.

Several others chimed in to the Reddit thread and said they too were experiencing the same performance hiccup. One user said they noticed the apparent glitch was causing Avira to utilize 100% of their processor and memory resources. Others reported seeing the same issue on dozens of client PCs. So, what gives?

Avira’s parent company, Gen Digital, confirmed the issue in a statement to Heise.de. According to Gen Digital, a bug in Avira’s firewall was causing the issue “under a certain condition.” The company also said that the issue has been resolved via a new software update.


“We are aware that a recent update from Avira has caused problems for some Windows 10 and Windows 11 users. These were automatically resolved by an update released on Monday, December 11th [at] 11:30 a.m. (CET). In the unlikely event that the update has not reached all computers, users can contact the Avira support team who will be happy to help them,” Gen Digital said.

Interestingly, Gen Digital also said that if the update does not arrive for some reason,…
