AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/29/2019

1 – UniCredit reveals data breach exposing 3 million customer records

UniCredit has revealed a data breach resulting in the leak of information belonging to three million customers. On Monday, the Italian bank and financial services organization said that a compromised file, generated in 2015, is the source of the security incident. In total, roughly three million records were exposed, revealing the names, telephone numbers, email addresses, and cities where clients were registered. While UniCredit caters to an international client base, each record related to an Italian customer. 


2 – Boris Johnson may let Huawei access UK’s 5G network

UK Prime Minister Boris Johnson is following predecessor Theresa May by preparing to give Huawei access to “non-contentious” parts of the country’s 5G network, according to the Sunday Times. The move could frustrate US President Donald Trump, who banned Huawei overs its alleged links to the Chinese government. The UK government apparently noted that some of Huawei’s technology isn’t available in the West, so Britain’s next generation wireless infrastructure could be left behind if it doesn’t do business with the Chinese company. Neither the prime minister’s office nor Huawei immediately responded to requests for comment.


3 – New Jersey Man Pleads Guilty to Hacker Attack Involving Hardware Keyloggers

A New Jersey man has pleaded guilty in federal court to hacking two companies and installing keyloggers in an effort to steal data. The man, Ankur Agarwal, 45, pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft. Starting February 2017, Agarwal physically trespassed onto a company’s premises in New Jersey to install hardware keylogger devices that would allow him to record the keystrokes of employees and obtain their usernames and passwords. Agarwal also installed his personal computer and a hard drive onto the company’s computer network and, using the fraudulently obtained credentials, hacked into the firm’s network, targeting various employees.


4 – Samsung SpaceSelfie satellite crashes onto Michigan farm

Samsung Europe launched a Galaxy S10 into space earlier this month for people to get their own “SpaceSelfie.” It apparently crashed back onto Earth not long after. The SpaceSelfie satellite had a rough landing on a Michigan farm Saturday, according to NBC News. The tech giant reportedly said the crash occurred during the satellite’s planned descent. “Samsung Europe’s SpaceSelfie came back down to Earth,” Samsung told NBC News. “During this planned descent of the balloon to land in the US, weather conditions resulted in an early soft landing in a selected rural area.” As for why the satellite crashed, Samsung Europe didn’t immediately respond to a request for comment. 


5 – Cyberattacks hit websites of Georgia’s president, broadcasters and more

The websites of government agencies, media outlets and nongovernmental organizations in the Eastern European country of Georgia were hit by cyberattacks on Monday, evoking memories of a disruptive digital assault there over a decade ago. Roughly 2,000 websites were affected, according to the Agence France-Presse and the BBC, including those of the Georgian president and Georgian courts. It is unclear who is behind the cyberattacks. Georgia’s interior ministry has launched an investigation. The hackers took over the website of President Salome Zourabichvili and posted an image of Georgia’s exiled ex-president, Mikheil Saakashvili, with the words, “I’ll be back,” a spokesperson for the Georgian Embassy in Washington, D.C., confirmed to CyberScoop.


6 – Google accused of creating tool to spy on employees’ organizing efforts

Google’s company leadership is being accused of developing an internal tool to keep tabs on employees’ efforts to organize protests and discuss labor rights. The tool, installed on all workers’ computers, would automatically report employees who schedule a calendar event with more than 10 rooms or 100 employees, according to an employee memo reviewed by Bloomberg. The memo suggests that the tool “is an attempt of leadership to immediately learn about any workers organization attempts,” Bloomberg reported.



Related Posts