Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.
Follow Dark Reading:
 September 28, 2023
LATEST SECURITY NEWS & COMMENTARY
MGM, Caesars Cyberattack Responses Required Brutal Choices
Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.
How the Okta Cross-Tenant Impersonation Attacks Succeeded
Sophisticated attacks on MGM and Caesars underscore the reality that even robust identity and access management may not be enough to protect you.
Researchers Release Details of New RCE Exploit Chain for SharePoint
One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.
Amid MGM, Caesars Incidents, Attackers Focus on Luxury Hotels
A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware.
China APT Cracks Cisco Firmware in Attacks Against the US and Japan
Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.
MOVEit Flaw Leads to 900 University Data Breaches
National Student Clearinghouse, a nonprofit serving thousands of universities with enrollment services, exposes more than 900 schools within its MOVEit environment.
'Gold Melody' Access Broker Plays on Unpatched Servers' Strings
A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.
Suspicious New Ransomware Group Claims Sony Hack
A deceitful threat actor claims its biggest haul yet. But what, if any, Sony data does it actually have?
Xenomorph Android Malware Targets Customers of 30 US Banks
The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago.
Akira Ransomware Mutates to Target Linux Systems
The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.
Cisco Moves Into SIEM With $28B Deal to Acquire Splunk
Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets.
Proactive Security: What It Means for Enterprise Security Strategy
Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings.
4 Pillars for Building a Responsible Cybersecurity Disclosure Program
Responsible disclosure must strike a balance between the immediate need to protect users and the broader security implications for the entire community.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Threat Data Feeds and Threat Intelligence Are Not the Same Thing
It's important to know the difference between the two terms. Here's why.

Guardians of the Cyberverse: Building a Resilient Security Culture
Whether achieved through AI-enabled automation, proactive identification and resolution of issues, or the equitable distribution of risk management responsibilities, the goal must be resilience.

Mastering Defense-in-Depth and Data Security in the Cloud Era
Though widely used in many organizations, the concept still requires adaptation when aimed at protecting against new types of attacks.

MORE
EDITORS' CHOICE
The Hot Seat: CISO Accountability in a New Era of SEC Regulation
Updated cybersecurity regulations herald a new era of transparency and accountability in the face of escalating industry vulnerabilities.
LATEST FROM THE EDGE

Will Government Secure Open Source or Muck It Up?
The US government aims to support open source projects, while the European Union seeks to make open source projects liable for their software. Which approach will lead to more security?
LATEST FROM DR TECHNOLOGY

A Preview of Windows 11's Passkeys Support
The latest update to Windows 11 introduces support for passkeys, which provide phishing-resistant passwordless authentication.
LATEST FROM DR GLOBAL

UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack
The cyberattackers are using the "Deadglyph" custom spyware, whose full capabilities have not yet been uncovered.
WEBINARS
  • Tips for A Streamlined Transition to Zero Trust

    From identifying the potential attack surface to determining policy, there is a clear path to zero trust and best practices to make the transition as smooth as possible - both for your organization and your customers. Zero trust is more ...

  • The Evolution of the Vulnerability Landscape in 2023

    While this summer has been jokingly called "zero-day summer" by some, 2023 fits Mandiant observations that zero-day exploitation has been trending upward for the last few years. As shown in our zero-day trends blog post, Mandiant tracked 55 zero-day vulnerabilities that we ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Research From IANS and Artico Search Reveals Cybersecurity Budgets Increased Just 6% for 2022-2023 Cycle
Cyemptive Technologies Expands Operations in the Middle East and the Americas
Catalyte Leverages Google Career Certificates to Expand Cybersecurity Apprenticeship Opportunities
Maine Department of Labor to Announce the Launch of University of Maine at Augusta Cybersecurity and IT Registered Apprenticeship Program
Recast Software Acquires Liquit, Consolidating the Endpoint and Application Management Markets
ClassLink Provides Cybersecurity Training Course to Help Schools Protect Public Directory Data
Delinea Secret Server Introduces MFA Enforcement at Depth to Meet Cyber Insurance Requirements
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Deploy Zero Trust for Remote Workforce Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us