AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 8/7/2024

NFL to begin using face scanning tech across all of its stadiums

The National Football League and all 32 of its teams will use tech from facial recognition software vendor Wicket to verify the identity of thousands of staff, media and fans as part of its credentialing program. Wicket chief operating officer Jeff Boehm touted the “big news” in a LinkedIn post: “After a pilot last season, all 32 teams (starting with the New England Patriots!) will be using Wicket to streamline and secure the credentialing program,” Boehm wrote. “This will ensure that properly credentialed media, officials, staff, and guests can easily and safely access restricted areas, including the playing field, press box, or locker rooms.”

 

Intelligence bill would elevate ransomware to a terrorist threat

When the Senate Intelligence Committee earlier this summer advanced its annual measure to authorize the work of the U.S. intelligence community, it also advanced a controversial proposal to deal with ransomware: treating it like terrorism. Sponsored by committee Chairman Mark Warner, D-Va., the bill contains novel language regarding ransomware that seeks to address increasingly rampant and damaging ransomware attacks by calling out ransomware gangs by name and branding them as “hostile foreign cyber actors”; designating nations that harbor ransomware actors as “state sponsors of ransomware” and slapping such states with sanctions; and granting the U.S. intelligence community greater legal authority to go after ransomware actors by elevating ransomware to the level of a national intelligence priority.

 

Warning over fake QR codes on parking machines

Fake QR codes are being stuck on council-owned parking machines to try to trick people into handing over their card details. Parking officers found the codes on meters on The Parade in Llandudno and Colwyn Bay promenade, Conwy council said. The codes look like they are part of the council’s payment system, but instead lead to a phony website. The council said it used the PayByPhone app for payments, not QR codes.

 

Thousands of Devices Wiped Remotely Following Mobile Guardian Hack

Hackers have targeted UK-based mobile device management (MDM) company Mobile Guardian and remotely wiped thousands of devices. According to the company, which specializes in MDM solutions for the education sector, it detected unauthorized access to its platform on August 4. In response to the intrusion, servers were shut down to contain the incident and prevent further disruption. The incident involved unauthorized access to iOS and Chrome OS devices enrolled in the Mobile Guardian platform. The attackers’ motives are unclear, but they apparently unenrolled devices from the MDM platform and wiped them remotely. 

 

Microsoft says Delta to blame for its long recovery from CrowdStrike update

Microsoft says that Delta Air Lines’ ancient IT infrastructure is to blame for the airline’s inability to quickly recover from last month’s CrowdStrike debacle. With Delta threatening to sue Microsoft and CrowdStrike, both companies issued responses saying that Delta refused repeated calls for help. A Microsoft letter to Delta yesterday said the Windows maker is starting to figure out why Delta took longer than other airlines to recover. “Microsoft continues to investigate the circumstances surrounding the CrowdStrike incident to understand why other airlines were able to fully restore business operations so much faster than Delta, including American Airlines and United Airlines,” the letter from Microsoft attorney Mark Cheffo said. “Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernized its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants.”

Related Posts