Cyberattacks

What Is an Account Takeover Attack?

An account takeover attack is a form of identity theft in which a cybercriminal takes over someone else’s online account. Cybercriminals steal a victim’s login credentials without them knowing through methods such as brute force attacks and phishing. Once the cybercriminal gains access to a victim’s account, they change the login credentials to prevent the victim from logging back in.

Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like mockbin.org and mocky.io.

Okta Environments Seeing Increased Targeted Threat Activity

In the last few weeks, Arctic Wolf Labs has noted an increase in threat activity targeting Okta as an attack vector. The relevant Techniques, Tools, and Procedures (TTPs) span across several different types of attacks. This bulletin will review several key aspects of these attacks.

The MGM Resorts Attack: Initial Analysis

The recent cyberattack on MGM Resorts International has raised serious concerns about the security of sensitive data and the vulnerabilities organizations face in today’s digital landscape. In this blog post, we will dive into the details of the attack based on the information currently available, analyze its root causes and discuss key takeaways to help organizations strengthen their security posture.

Understanding Malicious Package Attacks and Defense Strategies for Robust Cybersecurity

Malicious packages consist of software embedded with code that is capable of causing harm to an entire system or network. This is a rapidly growing threat affecting open-source software and the software supply chain. This attack method has seen a nearly 12,000% increase from 2022 to 2023, as reported by Snyk. Some reasons include its technical feasibility, the potential for high returns, and the widespread distribution of open-source offerings. Common types of malicious packages encompass.

What is an Authenticated Security Scan, And Why Is It Important?

Many organizations today rely only on “unauthenticated” web application security scans, leaving their admin and user portals unchecked. While it is crucial to protect your system against external automated attacks, you shouldn’t ignore the possibility of a targeted attack from someone with valid logins. If your app lets anyone sign up online, it could easily expose your business to attackers.

As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound - Part 2

The latest MGM Resorts ransomware attack demonstrates why cyber insurance is critical as part of a multi-layered security strategy. In our last blog, we discussed the recent Las Vegas cyber incidents and how no organization is completely safe. The original cyber incident at MGM Resorts occurred on September 10, 2023 – nearly two weeks ago now – and the company and its valued customers are still feeling its effects.

Evolution of Real Time Attack Detection

Attack detection is critical for most security solutions, whether we are talking about load balancer-based (NIDS, WAF), host-based or in-application solutions (HIDS, RASP). Interestingly, regardless of the differences in architecture and data flow, most solutions use similar detection principles and techniques. We will explore how the detection architecture evolved over time and how the new generation of detection logic, such as the architecture implemented by Wallarm, is principally different from that of the legacy solutions.

How Social Engineering Took Down MGM and Caesars

Two major players in hospitality and gaming, MGM and Caesars, were victims of two separate cyber attacks. While the details are still unknown, what is known is that Caesars paid the hackers a multi-million dollar ransom, and that both attacks began with social engineering.

Major Casinos Hacked Using Social Engineering Attacks

Two giants in the gaming and hospitality industry, Caesars Entertainment and MGM Resorts, recently announced that they were targeted by cybercriminals. But here’s the catch: both ransomware attacks appear to have started with the use of social engineering tactics against IT helpdesk personnel to gain access to systems.