NVIDIA Patches Critical Bug in High-Performance Servers
NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn’t be patched until early 2021.
Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals
Amid an uptick in attacks on healthcare orgs, malware families, Kegtap, Singlemalt and Winekey are being used to deliver the Ryuk ransomware to already strained systems.
University Email Hijacking Attacks Push Phishing, Malware
Attackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF.
REvil Gang Promises a Big Video-Game Hit; Claims Massive Revenue
In a wide-ranging interview, a REvil leader said the gang is earning $100 million per year, and provided insights into the life of a cybercriminal.
Home Depot Confirms Data Breach in Order Confirmation SNAFU
Hundreds of emailed order confirmations for random strangers were sent to Canadian customers, each containing personal information.
Oracle WebLogic Server RCE Flaw Under Active Attack
The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn.
Bug-Bounty Awards Spike 26% in 2020
The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.
Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns
Malicious redirection websites are using typosquatting and impersonation to attack unwary visitors.
MySQL 8.0.22 Replication Enhancements
MySQL 8.0.22 was released roughly a week ago. It includes some nice additions to replication that we would like to call out. Here they are: Automatic Asynchronous Replication Connection Failover (WL#12649). This work, by Hemant Dangi, implements a mechanism in asynchronous replication that makes the replica automatically try to re-establish an asynchronous replication connection to…
More Hospitals Hit by Growing Wave of Ransomware Attacks
Hospitals in New York and Oregon were targeted on Tuesday by threat actors who crippled systems and forced ambulances with sick patients to be rerouted, in some cases.