2,732 PickPoint package delivery lockers hacked, DoppelPaymer gang demands $34M ransom from Foxconn, and more

Originally published at: https://cloudsek.com/threatintel/2732-pickpoint-package-delivery-lockers-hacked-doppelpaymer-gang-demands-34m-ransom-from-foxconn-and-more/

Round Up of Major Breaches and Scams

One in Five Online Marketplace Listings Show Signs of Fraud

Around one in five (19%) items listed on UK online marketplaces over Black Friday and Cyber Monday this year showed signs of being fraudulent or dangerous, according to an analysis by Besedo. In total, the investigation of around 3000 public listings in the month of November found that 15% of items had indications of being scams. A particularly high proportion of consumer electronic products were observed to have these characteristics, with the researchers stating that 22% of PlayStation 5 listings were likely to be scams.

2,732 PickPoint package lockers opened in Moscow by hacker

A hacker has forced open 2,732 package delivery lockers in Moscow using a cyber-attack. The attack by an unknown hacker took place on Friday afternoon, December 4, targeting the network of PickPoint, a local delivery service which looks after a network of over 8,000 package lockers in Moscow and Saint Petersburg. PickPoint’s service allows Russians to order products online and have them delivered to any PickPoint locker instead of their home address.

Round Up of Major Malware and Ransomware Incidents

Foxconn hit with record-breaking $34 million ransom demand after cyber attack

Electronics manufacturer Foxconn was infected with the DoppelPaymer ransomware last month. The hacking group has begun to publish files stolen from the company’s servers during the attack. The world’s largest electronics manufacturer, Foxconn, has suffered a cyber attack and extortionists are reportedly demanding a $34 million ransom be paid for the recovery of its data.

Round Up of Major Vulnerabilities and Patches

Coronavirus vaccine side-effect tracker vulnerable to manipulation

A new smartphone tool which can track live side effects in those vaccinated with the new American coronavirus vaccine is thought to be vulnerable to manipulation. This has raised concerns that malicious actors could access the tool’s system in order to undermine confidence in the shots, according to both federal and state health officials. The text-messaging system, V-safe, has been designed to provide early indications of possible adverse reactions to the vaccines.

D-Link VPN routers get patch for remote command injection bugs

A vulnerability in D-Link firmware powering multiple routers with VPN passthrough functionality allows attackers to take full control of the device. The bug affects router models DSR-150, DSR-250/N, DSR-500, and DSR-1000AC running firmware version 3.17 or below. Reported by Digital Defense’s Vulnerability Research Team on August 11, the flaw is a root command injection that can be exploited remotely if the device’s “Unified Services Router” web interface is reachable over the public internet.

NSA warns of Russian state-sponsored hackers exploiting VMware vulnerability

The US National Security Agency has published a security alert today urging companies to update VMware products for a vulnerability that is currently exploited by “Russian state-sponsored malicious cyber actors.” The vulnerability, tracked as CVE-2020-4006, impacts VMware endpoint and identity management products, often deployed in enterprise and government networks.

Expert discloses zero-click, wormable flaw in Microsoft Teams

A security expert disclosed technical details about a wormable, cross-platform flaw in Microsoft Teams that could allow stealth attacks. Security researcher Oskars Vegeris from Evolution Gaming has published technical details on a wormable, cross-platform vulnerability in the business communication platform Microsoft Teams. The flaw is a cross-site scripting (XSS) issue that impacts the ‘teams.microsoft.com’ domain.

Critical remote code execution fixed in PlayStation Now

Security flaws in the PlayStation Now cloud gaming Windows application allowed hackers to execute arbitrary code on Windows systems. Bug bounty hunter Parsia Hakimian discovered multiple security flaws in the PlayStation Now (PS Now) cloud gaming Windows application that allowed hackers to execute arbitrary code on Windows devices running vulnerable app versions. The bugs affected PS Now version 11.0.2 and earlier on systems running Windows 7 SP1 or later.

Google patches four high‑severity flaws in Chrome

The new release patches a total of eight vulnerabilities affecting the desktop versions of the popular browser. Google rolled out an update last week for its Chrome web browser that fixes a range of security flaws, including four that have been classified as highly severe. The vulnerabilities affect the Windows, macOS, and Linux versions of the popular browser. As is common, details about the security loopholes are not openly shared by the tech titan until most users have had a chance to update their browsers to the newest version.