Cyber Bites

It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can't connect wirelessly or physically with other computers or network devices. Source: The Hacker News  

The malware is back in targeted attacks against Brazilian banking customers, this time using a new technique that involves mobile app authorization. The CamuBot malware, known for targeting Brazilian bank customers, has returned in a slew of recent offensives. The latest wave of attacks are highly personalized and, unlike previous campaigns, target victims’ mobile banking apps as an extra step to evade detection when making fraudulent transfers. Source: Threat Post

Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC. The non-profit organization is Oregon's largest Medicaid CCO and it serves the Oregon Health Plan (Medicaid) members in Clackamas, Multnomah, and Washington counties. Source: Bleeping Computer

Security researchers taking a closer look at the Philips Hue smart bulbs and the bridge device that connects them discovered a vulnerability that helped them compromise more meaningful systems on the local network. The security flaw was discovered is in the ZigBee wireless communication protocol that is used by a wide range of smart home devices. Source: Bleeping Computer

Firstly, it seems to be a compromised music site with a weird name that doesn’t have any obvious connection to any well-known health organisation; secondly, it is an HTTP site, not an HTTPS site, which is sufficiently unusual these days to be suspicious in its own right. Nevertheless, the scam page itself is incredibly simple – it can’t have taken the crooks more than a few minutes to put together – and visually effective. The...

Google has apologised after finding a bug which meant some people's private videos were shared with others by mistake. The bug affected Google Takeout, which enables Google Photo users to export the content of their accounts, for four days, between 21 and 25 November 2019. Google said those who used it may have either received an incomplete archive, or some videos which were not theirs. Source: BBC

Crew and Concierge is an international recruitment agency specialising in securing staff for ultra-high-net-worth clients’ yachts operating around the world. The server, which was discovered during a Verdict investigation, consisted of over 90,000 files, all of which appeared to relate to individuals on Crew and Concierge’s books. It was left exposed on a misconfigured unsecured Amazon Web Services (AWS) S3 bucket and appears to have been online and available for anyone to access without a...

The US Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN) released today. "The FBI received reporting indicating a state-level voter registration and voter information website received anomalous Domain Name System (DNS) server requests consistent with a Pseudo Random Subdomain (PRSD) attack," according to the FBI PIN seen by BleepingComputer. Source: Bleeping Computer

Attackers are abusing the Bitbucket code hosting service to store seven types of malware threats used in an ongoing campaign that has already claimed more than 500,000 business computers across the world. Systems falling victim to this attack would get infected with multiple payloads that steal data, mine for cryptocurrency, and culminate with delivering STOP ransomware. Source: Bleeping Computer

Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus. As people grow concerned about the Wuhan coronavirus, now classified as a global emergency by the World Health Organization, cybercriminals are preying on their fear with phishing emails claiming to have advice on protective safety measures. Emails have been seen in the US and UK. Source: Dark Reading