AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/31/2024

Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP!

Graphics card manufacturer Nvidia is currently issuing a warning to all owners of GeForce GPUs. According to an , several security vulnerabilities requiring urgent attention have been discovered in the company’s own display drivers and other software. A total of eight vulnerabilities are listed, all of them with a “High” severity rating. If you have an Nvidia GeForce GPU, you need to act now.

 

Android malware “FakeCall” now reroutes bank calls to attackers

A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker’s phone number instead. The goal of the latest version remains to steal people’s sensitive information and money from their bank accounts. FakeCall (or FakeCalls) is a banking trojan with a focus on voice phishing, in which victims are deceived through fraudulent calls impersonating banks, asking them to convey sensitive information.

 

Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info

A disgruntled ex-Disney employee has been arrested and charged with hacking his former employer’s systems to alter restaurant menus with potentially deadly consequences. Michael Scheuer was charged [PDF] and arrested last week for allegedly violating the Computer Fraud and Abuse Act on three occasions by breaking into a former employer’s systems. Disney is not named in the complaint, but The Register has been told they are the company in question, and Scheuer’s former employer. Fired from his role at Disney as a menu production manager in June for what the complaint notes was unspecified “misconduct,” the dismissal “was contentious and was not considered to be amicable,” according to court documents signed by US magistrate judge Daniel Irick in what appears to be crayon (see page 25 of this PDF). 

 

Tower PC case used as ‘creative cavity’ by drug importer

Australian police have arrested a man after finding he imported what appear to be tower PC cases that were full of illicit drugs. The arrest of an unnamed Malaysian national took place yesterday, after a consignment of goods arrived by air in Sydney on October 16. Australia’s Border Force spotted something odd in the shipment, tested and found drugs – but then released the goods for delivery. The shipment was delivered yesterday, at which point Australian Federal Police (AFP) officers swooped on the man who picked them up. Police allege the shipment contained 100 kilograms of methamphetamine – enough for around one million street deals.

 

Insurance Industry Races to Stay Ahead of Cyber Threat Actors

The COVID-19 pandemic brought on significant change to the cyber insurance industry that spans all disciplines. We experienced the widespread remote work environment, which introduced an onslaught of ransomware claims by threat actor groups as they recognized the opportunity to exploit. This put us on our heels, and we’ve been in a continual chase ever since. The impact of the ransomware epidemic hit the insurance industry first. The cyber policies weren’t properly rated to sustain the frequency and severity of this type of attack. It has become abundantly clear that network security controls should have been a critical consideration to effectively underwrite these emerging risks.

Related Posts