Cyber Bites

Cosmetics giant Avon is recovering from a mysterious cyber-security incident that took place last week, on June 8, sources have told ZDNet. The company has filed documents with the US Securities Exchange Commission disclosing the incident on June 9, a day after the company first discovered issues with some of its IT infrastructure. The company said the incident "interrupted some systems and partially affected operations." Last week, Avon distributors reported problems accessing the company's backend, where...

A security vulnerability in President Trump’s mobile campaign app exposed Twitter application keys and secrets, Google apps and maps keys and Branch.io keys in the Android APK file, researchers at Website Planet recently discovered. A research team led by Noam Rotem and Ran Locar said the exposed keys and secrets provided access to the app’s Twitter API and other parts of the app. “While the exposed keys allowed access to many parts of the app,...

A new hack allowed researchers to discern sound — including “Let it Be” by the Beatles, and audio from a Donald Trump speech — from lightbulb vibrations. Researchers have discovered a novel way to spy on conversations that are happening in houses from almost a hundred feet away. The hack stems simply from a lightbulb hanging in the home. The hack, dubbed “lamphone,” is performed by analyzing the tiny vibrations of a hanging lightbulb, which...

Norway, Bahrain, and Kuwait are amongst the "most dangerous" for privacy in their deployment of COVID-19 contact tracing apps, as they track their citizens' locations on a live or near real-time basis. These apps adopt an "invasive centralised approach" and pose a "great threat to privacy", according to an Amnesty International study. The group's research, however, does not include countries in Asia or the US. Conducted by Amnesty's Security Lab, the study assessed contact tracing...

In what can be described as the case of both cybersquatting and phishing, threat actors have reportedly created a site that imitates the legitimate secure note sharing service privnote.com to steal bitcoins. The creators of privnote.com, a legitimate site that offers a self-destructive pastes service, were concerned that someone had created a fake version of their website to trick users into using it. "Earlier this year, KrebsOnSecurity heard from the owners of Privnote.com, who complained that someone had...

The United States has announced it has amended the ban on US companies doing business with Huawei. The move entails allowing US companies to share information about technologies with Huawei for the purpose of developing joint standards without requiring an export licence. US Secretary of Commerce Wilbur Ross said, however, that the change in policy is not a softening on the government's stance against Huawei, which is still placed on the Entity List. Rather, the amendment...

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional malware on compromised machines. Among the banks whose customers have been targeted in this Qbot campaign, the...

Windows 10 users are reporting that they are unable to print using devices from multiple vendors after installing updates for Windows 10 versions 1903, 1909, and 2004 devices released on June 9, 2020. KB4560960 and KB4557957, the updates causing these issues, are cumulative updates that were released on Tuesday with security fixes for multiple Windows 10 components, as well as improvements and fixes for various Windows 10 features. Even though no Microsoft officials have confirmed it, a...

Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. For the duration of the experiment, a honeypot with a fake database recorded more than 150 unauthorized requests, the first one occurring less than 12 hours since being exposed. Comparitech’s research team, led by Bob Diachenko, left the Elasticsearch server exposed on the...

D-Link has released a firmware update to fix three out of six security vulnerabilities reported for the DIR-865L wireless router model for consumers. One flaw is rated critical, others are high-severity. Attackers can use the bugs to execute arbitrary commands, steal sensitive information, upload malware, or delete data. D-Link’s DIR-865L was released in 2012 and is no longer supported for U.S. consumers but its status on localized pages for European countries is End of Sale. This means that...