![]() Researchers found that specific web pages and extensions could connect to My Flow, and they identified a vulnerable, outdated version of the My Flow landing page that lacked necessary security measures. The flaw originated from Opera's My Flow feature, a pre-installed browser extension called Opera Touch Background, which facilitates file and note sharing between desktop and mobile versions of the browser. ![]() This vulnerability was identified by cybersecurity researchers at Guardio Labs, who promptly notified Opera's developers, leading to a resolution of the issue. ![]() Opera, a widely-used Chromium-based browser, was recently discovered to have a significant security flaw that could have allowed hackers to install and run any file on both Windows and macOS operating systems. **□ Cybersecurity Alert: Opera Browser Vulnerability Exposed Windows and macOS Devices to Hacker Attacks** #Cybersecurity #ApacheActiveMQ #CVE2023-46604 #Ransomware #HelloKitty #CyberAttack #InfoSecĬritical Apache ActiveMQ bug exploited by ransomware crew Organizations should monitor their environments for signs of compromise. Users are urged to upgrade to the fixed versions as soon as possible. ![]() The HelloKitty group is known for its 2021 attack on CD Projekt Red and mainly targets smaller businesses. The majority of vulnerable services are in China (1,349 unpatched), followed by the US (530 unpatched), and Germany (154 unpatched). As of November 1, only 105 services have been patched. Shadowserver found almost half of all reachable services (3,329) were vulnerable as of October 30. The HelloKitty ransomware family is suspected to be involved. Rapid7's investigation revealed ransomware targeting on outdated versions of Apache ActiveMQ. Fixes were released on the same day as the announcement. The vulnerability was announced on October 25. The flaw, tracked as CVE-2023-46604, is a maximum-severity vulnerability that allows for remote code execution (RCE) on affected versions. Security experts have identified active exploitation of a critical vulnerability in Apache ActiveMQ by ransomware criminals. ![]() # □ Cybersecurity Alert: Critical Apache ActiveMQ Flaw Exploited by Ransomware Criminals □ ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |