
IT Security Newsletter - 9/20/23


Breaches

Payment Card-Skimming Campaign Now Targeting Websites in North America

A Chinese-speaking threat actor that has been skimming credit card numbers off ecommerce sites and point-of-sale service providers in the Asia/Pacific region for more than a year has begun aiming at similar targets in North and Latin America as well. In a series of attacks since at least May 2023, the adversary has exploited vulnerabilities in Web applications - including one vulnerability that China's Hafnium group has used in cyber espionage campaigns - to gain access to sites belonging to organizations across multiple industry sectors.


Retool blames breach on Google Authenticator MFA cloud sync feature

Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack. Retool's development platform is used to build business software by companies ranging from startups to Fortune 500 enterprises, including Amazon, Mercedes-Benz, DoorDash, NBC, Stripe, and Lyft. Snir Kodesh, Retool's head of engineering, revealed that all hijacked accounts belong to customers in the cryptocurrency industry.

Hacking

Threat actors claim to have compromised MGM Resorts' Okta environment

The threat actors linked to a suspected cyberattack against MGM Resorts have claimed to have accessed the company's Okta environment prior to the attacks. The group called AlphV said that MGM Resorts shut down their Okta servers after realizing the hackers had been lurking in their Okta Agent servers in order to find vulnerable passwords, in claims posted by Brett Callow, a threat analyst at Emsisoft. The threat actors also claimed to have super administrator privileges to the company's Azure tenant.


Ransomware group steps up, issues statement over MGM Resorts compromise

The recent attack on MGM Resorts generated lots of speculation with regard to what the cause was. Some folks claimed the culprit was ransomware. Well, confirmation is now forthcoming as an affiliate of the BlackCat/ALPHV ransomware group is said to be the one responsible for the attack and subsequent outage. The statement is quite long, takes a few digs at MGM Resorts, and seeks to correct what the group feels to be inaccurate statements made by security vendors and others with regard to the attack.

Information Security

SEC cyber disclosure rules: What's the role of the CIO?

The Securities and Exchange Commission introduced new requirements for disclosing material cybersecurity incidents on Sept. 5, placing pressure on organizations to adopt robust reporting mechanisms. The C-suite impact is clear: company leadership must be able to quickly determine whether an incident is material to business operations. At that point a four-business-day clock starts ticking, a window in which publicly traded companies will be required to disclose the event to the SEC.

On This Date

  • ...in 1842, Scottish chemist and physicist James Dewar, inventor of the vacuum flask, was born in Kincardine, Scotland.
  • ...in 1941, sculptor Dale Chihuly, known for his flowing, large-scale glassworks, was born in Tacoma, WA.
  • ...in 1946, the first Cannes Film Festival is held in France, after having been delayed for seven years due to WWII.
  • ...in 1973, Billie Jean King defeats Bobby Riggs in their Battle of the Sexes tennis match in Houston, TX.