Cyberattacks

What is an Authenticated Security Scan, And Why Is It Important?

Sep 21, 2023 By Gaurav Chauhan In Indusface

Many organizations today rely only on “unauthenticated” web application security scans, leaving their admin and user portals unchecked. While it is crucial to protect your system against external automated attacks, you shouldn’t ignore the possibility of a targeted attack from someone with valid logins. If your app lets anyone signup online, it could easily expose your business to attackers.

Read Post

Indusface

Read more about What is an Authenticated Security Scan, And Why Is It Important?

As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound - Part 2

Sep 21, 2023 By Scott Gray In 11:11 Systems

The latest MGM Resorts ransomware attack demonstrates why cyber insurance is critical as part of a multi-layered security strategy. In our last blog, we discussed the recent Las Vegas cyber incidents and how no organization is completely safe. The original cyber incident at MGM Resorts occurred on September 10, 2023 — nearly two weeks ago now – and the company and its valued customers are still feeling its effects.

Read Post

11:11 Systems

Read more about As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound - Part 2

How Social Engineering Took Down MGM and Caesars

Sep 20, 2023 By Arctic Wolf In Arctic Wolf

Two major players in hospitality and gaming, MGM and Caesars, were victims of two, separate cyber attacks. While the details are still unknown, what is known is that Caesars paid the hackers a multi-million dollar ransom, and that both attacks began with social engineering.

View Video

Arctic Wolf

Read more about How Social Engineering Took Down MGM and Caesars

Major Casinos Hacked Using Social Engineering Attacks

Sep 20, 2023 By Arctic Wolf In Arctic Wolf

Two giants in the gaming and hospitality industry, Caesars Entertainment and MGM Resorts, recently announced that they were targeted by cybercriminals. But here’s the catch, both ransomware attacks appear to have started with the use of social engineering tactics against IT helpdesk personnel to gain access to systems.

Read Post

Arctic Wolf

Read more about Major Casinos Hacked Using Social Engineering Attacks

Malicious Packages Special Report - Attacks Move Beyond Vulnerabilities

Sep 20, 2023 By Mend In Mend

Threat actors are after our sensitive data. In 2023, the number of malicious packages published to Node Package Manager (npm) and RubyGems ballooned 315% compared to 2021, and 85% of malicious packages discovered in existing applications were capable of exfiltration – meaning they could cause an unauthorized transmission of information. Software packages containing malicious code are a growing threat, and they may have unknowingly infiltrated your applications.

View Video

Mend

Read more about Malicious Packages Special Report - Attacks Move Beyond Vulnerabilities

Non-Profit Save the Children Gets Hit By Ransomware Data Attack

Sep 20, 2023 By Steven In IDStrong

Save The Children is an organization that specializes in helping children live healthy lives. The non-profit works in multiple countries, helping to provide for children's needs, especially in areas affected by war or tragedy. This organization was recently the target of a ransomware hacker group and suffered huge data losses as a result of that targeting.

Read Post

IDStrong

Read more about Non-Profit Save the Children Gets Hit By Ransomware Data Attack

Russia and China Dominate Majority of Bot Attacks on Large Companies

Sep 19, 2023 By Netacea In Netacea

New research reveals such attacks cost the average business the equivalent of over 50 ransomware payouts every year while remaining undetected for four months.

Read Post

Netacea

Read more about Russia and China Dominate Majority of Bot Attacks on Large Companies

Breach and Attack Simulation Helps Pipeline Operators Comply with New TSA Requirements

Sep 19, 2023 By SafeBreach In SafeBreach

In July of this year, the Transportation Safety Administration (TSA) released Security Directive Pipeline-2021-02D (SD-02D) Pipeline Cybersecurity Mitigation Actions, Contingency Planning, and Testing. The directive—aimed at owners and operators of liquid and natural gas pipelines or facilities designated as critical infrastructure—outlines requirements for enhancing cyber resilience through the implementation of a TSA-approved cybersecurity implementation plan (CIP).

Read Post

SafeBreach

Read more about Breach and Attack Simulation Helps Pipeline Operators Comply with New TSA Requirements

Caesars Entertainment Gets Hacked, Exposing Countless Gamblers

Sep 19, 2023 By Steven In IDStrong

Caesars Entertainment is one of the largest casino companies in the United States and is well-known for its loyalty program. The company serves countless customers in Las Vegas and elsewhere throughout the world. The massive loyalty program takes in data from all of Caesars customers, and that program may have just backfired on the company, potentially hurting many of its customers in the process.

Read Post

IDStrong

Read more about Caesars Entertainment Gets Hacked, Exposing Countless Gamblers

Cyber attackers hit the jackpot: learn why casinos aren't the only ones vulnerable

Sep 19, 2023 By Christopher Beier and Anton Ovrutsky In Sumo Logic

For many years, hackers and cybercriminals have used social engineering techniques to gain unauthorized access to confidential information. It is easy to predict that these attacks will continue to advance in sophistication and frequency. Whether they are using AI to create better lures or cyber criminals are just getting more adept at exploiting human nature, the success of these attacks proves the tactics are winning.

Read Post