Caesars Entertainment, Inc., a well-known global hospitality brand, has been hacked by a cybercrime gang that stole a vast chunk of data, including the company's loyalty program database. In a filing with the SEC, Caesars said the hijacked data includes driver's license numbers and/or social security numbers for a significant number of members in the database and provided a hint that a ransomware demand was paid to minimize the damage. READ MORE...
Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service outages preventing trucking companies from managing their fleets. ORBCOMM is a solutions provider for freight companies to manage fleets and track transported assets. The company also provides Electronic Logging Devices (ELD) that truckers use to log their hours to adhere to federal safety regulations. READ MORE...
The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization. "The International Joint Commission has experienced a cybersecurity incident, and we are working with relevant organizations to investigate and resolve the situation," a spokesperson for the org told The Register. READ MORE...
A report this week about Pegasus spyware showing up on an iPhone belonging to award-winning Russian journalist Galina Timchenko has highlighted again the seemingly myriad ways that government and law enforcement agencies appear to have to deliver the odious surveillance tool on target devices. Timchenko is an exiled Russian investigative journalist and co-founder of Meduza, a Russian- and English-language news site headquartered in Riga, Latvia. READ MORE...
The Department of Homeland Security's Homeland Threat Assessment is warning of bad actors potentially using artificial intelligence to disrupt critical infrastructure either through election influence campaigns or by targeting industrial systems. The annual report - which outlines the key concerns for the next year - points to adversaries increasingly focusing and learning how to target critical infrastructure with emerging technologies like AI. READ MORE...
The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the "unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are having a hard time cracking them open. LastPass's own assessment was that "it would be extremely difficult to attempt to brute force guess master passwords for those customers who follow our password best practices." READ MORE...