AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 3/10/2020

1 – Dutch Privacy Regulator Fines Tennis Association for Selling Personal Data Without Proper Consent

The Dutch Data Protection Authority (AP) has imposed a fine of 525,000 euros on tennis association KNLTB for selling personal data without proper consent. In 2018, the KNLTB unlawfully provided personal data of a few hundred thousand of its members to two sponsors for a fee. The Royal Dutch Lawn Tennis Association (KNLTB) provided the sponsors with personal data such as name, gender and address, so that they could approach a selection of KNLTB members with tennis-related and other offers. AP held that consent is required for the sale of personal data and that legitimate interest was not an appropriate legal basis for such actions.

 

2 – Alleged Russian hacker goes on trial Monday in US in 2012 LinkedIn, Dropbox breaches

Everyone makes cybersecurity mistakes. Yevgeniy Nikulin, a Russian national accused of some of the biggest hacks in recent history, is no exception, prosecutors say. Nikulin allegedly stole millions of usernames and passwords by breaching systems at LinkedIn, Dropbox and Formspring in 2012. He also attempted to sell hacked information on online black markets, prosecutors say, where buyers likely hoped they could use it to break into accounts with several services, because people often recycle passwords. Nikulin, who pleaded not guilty, goes on trial Monday in US District Court in San Francisco.

 

3 – Facebook decides to take down Trump 2020 campaign’s ‘census’ ads

Facebook Inc on Thursday removed ads by President Donald Trump’s re-election campaign that asked users to fill out an “Official 2020 Congressional District Census” because the ads violate the company’s policy against misinformation on the government’s census. The ads, which come from the pages of the Republican president and Vice President Mike Pence, link to a survey on an official campaign website and then to a page asking for donations. “We need Patriotic Americans like YOU to respond to this census, so we can develop a winning strategy for YOUR STATE,” the ad read. The online newsletter Popular Information, which first reported on the ads, said Facebook had originally said they did not violate its policy. Civil rights advocates said they pushed Facebook to remove the ads and Facebook confirmed it re-reviewed them.

 

4 – Minor Convictions for Ex-CIA Coder in Hacking Tools Case

A former CIA software engineer accused of stealing a massive trove of the agency’s hacking tools and handing it over to WikiLeaks was convicted of only minor charges Monday, after a jury deadlocked on the more serious espionage charges against him. Joshua Schulte, who worked as a coder at the agency’s headquarters in Langley, Virginia, was convicted by a jury of contempt of court and making false statements after a four-week trial in Manhattan federal court that offered an unusual window into the CIA’s digital sleuthing and the team that designs computer code to spy on foreign adversaries.

 

5 – Coronavirus highlights strengths of self-driving delivery vehicles

When cities are on lockdown and quarantines keep people from going out to do absolutely anything, it quickly makes for a tough situation. Yet, despite the awful consequences of the coronavirus, one Chinese company is showing how technology can make a difference. Neolix, a self-driving delivery vehicle startup in China, has been working overtime to usher more of its autonomous delivery vans onto empty Chinese roads amid quarantines. According to a Bloomberg report on Monday, Chinese companies have booked orders for 200 of the tiny robotic vehicles, including online megaretailers Alibaba and JD.com. Before the coronavirus outbreak in China, Neolix had just 125 orders since last May. Talk about a boost to business.

 

6 – European power grid organization says its IT network was hacked

The organization that ensures coordination of European electricity markets said Monday that its IT network had been compromised in a “cyber intrusion.” The European Network of Transmission System Operators for Electricity (ENTSO-E), whose members include large electric transmission operators across the continent, “recently found evidence of a successful cyber intrusion into its office network,” the organization said in a terse statement. The compromised office network is not connected to any operational electric transmission system, ENTSO-E said, meaning the attack was confined to IT systems and did not impact critical control systems.

 

7 – Hackers Easily Breach U.S. Voting Machines in Chilling ‘Kill Chain’ Trailer

The vulnerabilities of the United States’ election system are highlighted in the unnerving new trailer for the documentary, Kill Chain: The Cyber War on America’s Elections, debuting March 26th on HBO. The clip starts by taking on one of the major misconceptions about American voting machines — that concerns about hacking are unwarranted because voting machines don’t connect to the internet. In fact, many machines do connect to the internet — very easily — and hacking them is really just one of several ways outside actors can tamper with the election process, leading to long lines and delays at polling places and greater mistrust in this crucial democratic act.

 

8 – College Students Create Scholarship to Protest Palantir

Students at Carnegie Mellon University have made a scholarship fund for underrepresented students in STEM to protest the university for allowing the data mining firm Palantir to offer scholarships on campus. In recent years, Palantir, the $26 billion Silicon Valley data-mining company, has raked in tens of millions of dollars from contracts with Immigration and Customs Enforcement (ICE), recently sparking activist backlash on more than 30 college campuses around the country, including UC Berkeley, Brown, Duke, Stanford, and Georgia Tech, united under the banner #NoTechForIce. On February 17, Carnegie Mellon emailed computer science undergraduates, inviting women and unrepresented people of color to apply for 20 $7,000 scholarships sponsored by Palantir that would go toward their education. The scholarships are advertised by Palantir to “celebrate and support” women and underrepresented students “who are beginning careers in technology.”

 

9 – Amazon offers other retailers the tech behind its no-checkout stores

Amazon has made a splash in recent years with Amazon Go, a series of convenience stores—and more recently a full-fledged grocery store—in Seattle, New York, Chicago, and San Francisco. Now the company is offering to license the technology to other retailers. A new website explains how Amazon’s Just Walk Out technology works. “We built Just Walk Out technology leveraging the same types of technologies used in self-driving cars: computer vision, sensor fusion, and deep learning,” Amazon’s FAQ says. “We provide all the necessary technologies to enable checkout-free shopping in a retailer’s store and offer retailers 24/7 support via phone and email.”

 

10 – Top U.S. envoy presses Canada over Huawei role in 5G network

A senior U.S. envoy on Monday pressed Canada about Ottawa’s forthcoming decision on whether to allow China’s Huawei Technologies to take part in its 5G network, a move Washington opposes, officials said. The administration of U.S. President Donald Trump last year warned Canada it could lose access to top secret intelligence unless it blocked Huawei 5G technology. Robert Blair, Trump’s special representative for international telecoms policy, discussed the “importance of a secure and reliable next-generation telecommunications infrastructure” and the defense partnership between the United States and Canada, the U.S. embassy said in a statement.
