MGM Resorts International said it's investigating a cyberattack that forced the gaming company to shut down certain systems, in a Monday post on X, the social media site formerly known as Twitter. Multiple reports indicate guests are unable to use digital room keys, payment systems are not working and hotel restaurants can only accept cash. The company said it has notified law enforcement and brought in outside cybersecurity experts to assist in the investigation. READ MORE...
Akamai says it thwarted a major distributed denial-of-service (DDoS) attack aimed at a US bank that peaked at 55.1 million packets per second earlier this month. The network traffic flood hit on September 5 against the unnamed finance giant Akamai describes as "one of the biggest and most influential US financial institutions." While it only lasted less than two minutes, it managed to spike to 633.7 gigabits per second with criminals using ACK, PUSH, RESET, and SYN flood attack vectors. READ MORE...
Cybercrime crew BianLian claims to have broken into the IT systems of a top non-profit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data. As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. READ MORE...
An espionage threat group tracked as 'Redfly' hacked a national electricity grid organization in Asia and quietly maintained access to the breached network for six months. These new findings come from Symantec, who found evidence of ShadowPad malware activity in the organization's network between February 28 and August 3, 2023, along with keyloggers and specialized file launchers. READ MORE...
After Telegram - the free, encrypted, cloud-based messaging service - initiated a suspension of hacker group Anonymous Sudan's primary account, the group has launched distributed denial-of-service (DDoS) attacks against the platform. The group has been active since the start of 2023 but rose to prominence after launching DDoS attacks against Microsoft 365, affecting Microsoft Azure, Outlook, and Teams, among others. READ MORE...
Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim's browser. READ MORE...
Siemens has published seven new advisories covering a total of 45 vulnerabilities affecting the company's industrial products. One of the advisories describes CVE-2023-3935, a critical vulnerability affecting Wibu Systems' CodeMeter software licensing and protection technology, which is used by several Siemens products, including PSS, SIMATIC, SIMIT, SINEC and SINEMA. READ MORE...
A mishap has resulted in security feeds and camera logs from home cameras being temporarily visible online. Users of Wyze, makers of smart products and home cameras, fell victim to this bizarre incident sometime around September 8. One of the first posts about this appeared on Reddit, where a user highlighted that they were "seeing someone else's webcam feed". They'd logged onto the website to check their cameras and were met with someone else's dog in someone else's house. READ MORE...