As an article in DarkReading highlights, it’s tempting to compare the incident responses by MGM Resorts and Caesars Entertainment to their recent cyberattacks because both are the same kind of entity and both were victims of the same threat actors (Scattered Spider/AlphV). But: Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which […]
T-Mobile has had so many data breaches over the years that it’s somewhat understandable that people may rush to assume that something is a breach of their system when it was not. This week, we heard of two situations like that. The first involved customers reporting that after they logged in to T-Mobile’s app, they […]
Reuters reports: The International Criminal Court (ICC) said on Tuesday its computer system had been hacked, a breach at one of the world’s most high-profile international institutions and one that handles highly sensitive information about war crimes. The ICC said it had detected unusual activity on its computer network at the end of last week, […]
One of the biggest breaches of 2023 involves the 0-day attack by Clop threat actors on file transfer software called MOVEit by Progress Software. The attack was launched in May and June. It affected more than 1,100 entities and more than 56 million people according to statistics compiled by Emsisoft. One of the most recent […]
MGM Resorts International could be losing between $4.2 million and $8.4 million in daily revenue and around $1 million in cash flow every day it’s under a cyberattack, a gaming industry analyst said in a Sunday report to investors. David Katz, an equity analyst with New York-based Jefferies Group, in a weekly report on gaming, […]
It’s not unusual for ransomware groups to comment on a victim’s incident response in a negative way. Nor is it unusual for these groups to carefully monitor media coverage. It is somewhat unusual, though, for a major group to get so angry at researchers or news outlets that they actually call them all out by […]
Human error in configuring data storage continues to result in massive leaks or potential leaks of personal and sensitive health data. In today’s news, we learned that CrelioHealth left an Elasticsearch cluster exposed. Luckily for them, it was a whitehat researcher, Bob Diachenko of SecurityDiscovery, who spotted the problem and contacted them to alert them. […]
The Regional Justice Information System (REJIS) is used by court systems to support docket functions and certain scheduling functions such as the release of prisoners. REJIS is a government commission that provides services to criminal justice departments across Missouri as well as in Illinois and Kansas. On Monday, Louis County (Missouri), Kansas City (Missouri), Kansas […]
Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim’s browser. […]
So you paid the attackers to get your data back? Sit down, because we have something sad to tell you.
Victims unfortunate enough to have been hit with a ransomware attack that either lock all their data and backups or delete it all and demand payment to get data back are often given assurances that not only will they get a decryption key if their data was locked, but the attackers stand ready to promptly […]