AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 6/16/2020

Amazon CEO Jeff Bezos agrees to testify before antitrust hearing

Amazon and a handful of other major tech companies are facing increased pressure from a series of investigations from the US House and Senate, the Justice Department and Federal Trade Commission into their potential monopolistic practices. For Amazon, the investigations have often focused on Amazon’s use of private label items to compete against much smaller retailers on its platform. Calls for Bezos to testify before the US House Judiciary’s Subcommittee on Antitrust, Commercial and Administrative Law intensified after The Wall Street Journal in April reported that Amazon workers had repeatedly accessed the sales data of individual sellers on the e-commerce giant’s site when deciding what Amazon-branded products should be launched. 

 

Attackers impersonate secure messaging site to steal bitcoins

In what can be described as the case of both cybersquatting and phishing, threat actors have reportedly created a site that imitates the legitimate secure note sharing service privnote.com to steal bitcoins. The creators of privnote.com, a legitimate site that offers a self-destructive pastes service, were concerned that someone had created a fake version of their website to trick users into using it. “Earlier this year, KrebsOnSecurity heard from the owners of Privnote.com, who complained that someone had set up a fake clone of their site that was fooling quite a few regular users of the service,” investigative security reporter Brian Krebs reported. The legitimate Privnote.com site offers the ability to send encrypted and self-destructing notes that can be shared with other users.

 

Spies Can Eavesdrop by Watching a Light Bulb’s Vibrations 

THE LIST OF sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window. Researchers from Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call “lamphone.” They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that’s hundreds of feet away in real-time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers show that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music.

 

6 eBay Executives And Employees Charged With Sending Threats, Bloody Pig Mask To Natick Couple

Six former eBay executives and employees are facing federal charges after they allegedly led a cyberstalking campaign against a Natick couple they believed was critical of the company in an online ecommerce newsletter. U.S. Attorney Andrew Lelling said the eBay employees’ harassment included sending the couple “disturbing deliveries” that included a bloody pig mask, a box of live cockroaches, and a funeral wreath. The employees also allegedly sent anonymous threatening messages and traveled to Massachusetts to conduct “covert surveillance” of the victims. “It was a determined, systematic effort of senior employees of a major company to destroy the lives of a couple in Natick, all because they published content company executives didn’t like,” said Lelling.

 

US bank customers targeted in ongoing Qbot campaign

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional malware on compromised machines. Among the banks whose customers have been targeted in this Qbot campaign, the researchers found JP Morgan, Citibank, Bank of America, Citizens, Capital One, Wells Fargo, and FirstMerit Bank. In total, this active Qbot campaign targets 36 different U.S. financial institutions, as well as two banks in Canada and the Netherlands according to F5 Labs malware analyst Doron Voolf.

 

T-Mobile network outage affects thousands of customers in the US, experts reject claims of DDoS attack

Thousands of T-Mobile customers across the US reported widespread network outages on Monday that left them unable to make phone calls or access the internet. The outage appeared to have started at around 12-1pm Easter Time on Monday, and by 4pm ET, service tracker DownDetector had logged more than 100,000 reports of T-Mobile outages, with most complaints coming from New York, Texas, Florida, Georgia, California, and the Washington, DC, area. Some users also reported voice and data issues with other carriers, including Verizon and AT&T, on social media platforms and on DownDetector, but both carriers said that their service was operating normally. They also said that problems in T-Mobile network caused disruption when their customers tried to call T-Mobile lines. Reports on DownDetector also showed some customers having issues with Comcast, Twitch, Facebook and Instagram.

Related Posts