Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

KnowBe4

MGM Suffers Ransomware Attack that Started with a Simple Helpdesk Call

As the aftermath unfolds, the details around the recent attack on MGM Resorts, providing crucial insight into the attacks impact, who’s responsible, and how it started. On September 11, Las Vegas-based MGM Resorts International reported a cybersecurity “issue” affecting many of the company’s systems.

No Dice for MGM Las Vegas as It Battles Fallout from Ransomware Attack After a 10-minute Vishing Scam

Four days later, $52 million in lost revenues and counting, a cyber attack on MGM Resorts International, a $14 billion Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, Excalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing…a 10-minute phone call. Gamblers could not gamble. Guests could not access rooms. Lights went out. Panic set in.

Can You Guess Common Phishing Themes in Southeast Asia?

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks. Singapore’s position at 5th place “Between 1st January and 1st August, CYFIRMA’s telemetry recorded 410,793 phishing campaigns,” the researchers write.

Cybercriminals Selling "Golden Tickets" to Phish Microsoft 365... $500,000 in Sales in 10 Months

In the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL store is selling advanced phishing kits – a golden ticket for hacking Microsoft 365 accounts -- that can bypass multi-factor authentication (MFA) no less.

Phishing Scammers are Using Artificial Intelligence To Create Perfect Emails

Phishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, can fix spelling mistakes, odd grammar, and other errors that are common in phishing emails. This advancement in AI technology has made it easier for even amateur hackers to analyze vast amounts of publicly available data about their targets and create highly personalized and convincing emails within seconds.

AP Stylebook Data Breach Compromises Customer Personal Information

The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports. “On July 20, 2023, Stylebooks.com notified us that AP Stylebook customers had received phishing emails directing them to a fake website that imitated AP Stylebook to provide updated credit card information,” the AP said. “APS immediately engaged a cyber forensics firm to investigate the incident.

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages. “On August 29, in the timespan from 11:25 to 12:25 UTC, Microsoft Teams chat messages were sent from two external Office 365 accounts compromised prior to the campaign,” the researchers write.

[dot]US Domain Exploited for Phishing

The Interisle Consulting Group has published a paper looking at the phishing landscape in 2023, KrebsOnSecurity reports. Notably, Interisle found that the.us top-level domain is being widely abused in phishing attacks. “.US is the ccTLD of the United States and had a very large number of its domains used for phishing -- almost 30,000 domains, more than 20,000 of which were registered maliciously by phishers,” Interisle said.

Ransomware Attacks Speed up 44% Leaving Less Time for Detection and Response

New data suggests that the gangs and toolkits behind current ransomware attacks are materially improving their abilities, resulting in a speeding up of attacks before defenses kick in. It’s the last thing we want to hear; the threat actors are winning. But, according to Sophos’ 2023 Active Adversary Report for Tech Leaders report – at least when looking at threat actor dwell time – it seems to be the case.

Brand Impersonation Hits a New High with as Many as 73 Lookalike Domains Per Brand

The use of lookalike domains has reached critical mass with not just one counterfeit website, but many. The second act of a phishing attack intent on tricking the victim into providing valuable information is the website they are taken to. It has to look and feel like the real thing. But it also needs to have a domain that doesn’t raise suspicion. Thus, the advent of lookalike domains.