Cyware Daily Threat Intelligence, December 08, 2020

Threat Intelligence

Share Blog Post

Top Breaches Reported in the Last 24 Hours

Ransomware hits Foxconn

Electronics giant Foxconn underwent a ransomware attack, in which the attackers stole unencrypted files and subsequently, encrypted them. The attack was conducted by the DoppelPaymer ransomware gang who published the stolen data on its leak site. The leaked data consists of generic business reports and documents.

Hacker opens PickPoint package lockers

An unknown hacker forced open 2,732 PickPoint package delivery lockers across Moscow. The hacker used an identified exploit and opened the PickPoint lockers, leaving thousands of packages exposed to theft.

Top Malware Reported in the Last 24 Hours

RANA malware allows snooping

A new strain of the RANA Android malware has been unveiled that spies on Telegram, WhatsApp, Skype, and other instant messaging platforms. The malware has been linked to the APT39 Iranian cyberespionage group and possesses new surveillance functionalities.

Phishing campaign against Microsoft 365

An email spoofing campaign has been identified to be targeting 200 million Microsoft 365 users across the financial services, telecom, manufacturing, insurance, healthcare, and utility sectors. The hackers use a domain spoofing technique to fabricate emails pretending to come from Microsoft Outlook.

Top Vulnerabilities Reported in the Last 24 Hours

Amnesia:33 affects TCP/IP stacks

A set of 33 vulnerabilities, dubbed Amnesia:33, has been discovered to affect four open-source TCP/IP stacks. These bugs can be abused to conduct RCE, DoS, info-leak, and DNS cache poisoning attacks. Experts estimate that around 150 vendors and millions of devices are potentially vulnerable to these bugs.

NSA warns about Kremlin

NSA has issued a warning against Kremlin, Russian state-sponsored hackers, exploiting a critical security hole in VMWare’s software in an attempt to infiltrate target networks. The vulnerability exists in the VMWare Access and VMWare Identity Manager products.

PlayStation Now bugs

PlayStation Now (PS Now) bugs allowed hackers to run arbitrary code on Windows devices running vulnerable app versions. The bugs impact the PS Now version 11.0.2 on computers with Windows 7Sp1 or later.

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Cyber Fusion Center

Intel Exchange

Intel Exchange Lite

Collaborate

Respond

Orchestrate

Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension

Partners & Integrations

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login

Resources Library

Resource Library

Use Cases

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy

Contact Us

Leadership

Careers

Cyware in the News

Press Releases

Compliance

Cyware Daily Threat Intelligence, December 08, 2020

Share Blog Post

Tags

More from Cyware

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases