NVIDIA published a patch for a critical bug in their high-performance DGX servers that could open the door for a remote intruder to take control of and access sensitive data on systems typically operated by governments and Fortune-100 companies. Vulnerable NVIDIA DGX servers are affected by DGX-1, DGX-2, and DGX A100. Four of the bugs held determined high-severity (CVE‑2020‑11484, CVE‑2020‑11487, CVE‑2020‑11485, CVE‑2020‑11486), with the most serious of the four tracked as CVE‑2020‑11484.
Researchers discovered a critical vulnerability in the Oracle WebLogic Server. Oracle WebLogic Server is a general application server used in building and deploying enterprise Java EE applications. Oracle fixed the flaw in the massive October release of its quarterly Critical Patch Update (CPU), which fixed 402 vulnerabilities across various product families. Oracle WebLogic servers continue to be hard-hit with exploits. In May 2020, Oracle forced customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.
Cybersecurity researchers have published details about a new attack targeting the Korean diaspora that exploits flaws in browsers such as Google Chrome and Internet Explorer to install malware for espionage missions. Operation Earth Kitsune has disposed of the spyware samples on websites affiliated with North Korea, although access to these websites blocked users from South Korean IP addresses. The campaign is very diversified, deploying numerous examples to the victim PC and using multiple command-and-control servers through this operation.
Google has removed several Android applications from the official Play Store following the declaration that the apps in issue are found to serve intrusive ads. The apps masked as pure gaming apps and came packed with HiddenAds malware, a famous Trojan known for its capacities to serve intrusive ads outside of the app. The organization following the process relies on social media channels to lure users into downloading the apps. Once installed, the apps hide their icons to prevent deletion and hide behind relevant-looking advertisements, making them hard to identify.
Wyckoff Heights Medical Center and the University of Vermont Health Network was under attack by the Ryuk ransomware spree covering the healthcare industry across the U.S. To prevent the spread of the attack to other devices, they were told that Wyckoff Hospital shut down portions of their network, but it was too late by then, and many of the tools had been encrypted. Hospitals that are forced to pay a Ryuk ransom need to be careful of using their decryptor as it is known to certain corrupt types of files.
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.