AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 04/18/2023

Payments Giant NCR Hit by Ransomware 

NCR first reported investigating an “issue” related to its Aloha restaurant point-of-sale (PoS) product on April 12. On April 15, the company said a limited number of ancillary Aloha applications for a subset of its hospitality customers had been impacted by an outage at a single data center. “On April 13, we confirmed that the outage was the result of a ransomware incident. Immediately upon discovering this development we began contacting customers, engaged third-party cybersecurity experts and launched an investigation. Law enforcement has also been notified,” NCR said. 

 

7 countries unite to push for secure-by-design development 

Ten agencies from across seven countries have joined forces to create a guide for software developer organizations to ensure their products are both secure by design and by default. The joint guidance, Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default, comes after several recently identified critical vulnerabilities in vendor software. 

 

Nintendo Hacker Will Have To Pay The Price For His Actions For The Rest Of His Life 

Back in early 2022, Gary Bowser, a member of the hacking team known as Team Xecuter, was sentenced to 40 months in prison for providing and selling, together with the team, the means to circumvent the Nintendo Switch’s security systems and allow the use of pirated software. The Team Xecuter member is about to be released from prison, but he is apparently not done paying the cost of his actions. As reported by TorrentFreak, Gary Bowser is about to be released from prison earlier than intended, in part due to his good behavior, and is now waiting to be returned home to Canada. However, he was also sentenced to pay ten million dollars back to Nintendo, which he has yet to do and is highly unlikely ever to be able to.

 

WhatsApp, Other Messaging Apps Sign Open Letter Urging UK Government to Rethink ‘Surveillance’ Bill 

WhatsApp, Signal, and other messaging services have penned an open letter to the British government appealing for it to urgently rethink the Online Safety Bill (OSB), a piece of legislation that would allow regulators to ask the platforms to monitor users in order to identify child abuse images. Under the bill, the government could force chat services to apply content moderation policies such as client-side scanning that are impossible to implement without circumventing end-to-end encryption, which ensures that only the user and the person they are communicating with can read or listen to what is sent. 

 

Shein and Temu the latest China tech targets in Congress body’s sights 

As the U.S. becomes increasingly wary of China’s growing influence on the Western tech stage, internet platforms from TikTok to Shein are finding themselves in Washington’s sights. As a Chinese saying goes: the first bird that pokes its head out gets shot. In recent months, lawmakers in the U.S. have escalated efforts to ban TikTok. In December, the U.S. House of Representatives ordered its staff and lawmakers to delete the video app from their government-issued mobile devices. A broader restriction appears to be looming after the app’s CEO Shou Zi Chew went through five hours of grilling questions before Congress in late March.
