Embracing Digital Fortifications:
To prevent future breaches, Caesars Entertainment should embark upon a multifaceted approach entailing both technical and cultural transformations. Implementing advanced encryption protocols, multi-factor authentication, and continuous monitoring systems could serve as intrepid digital guardians defending against any future onslaughts. Additionally, instilling a cybersecurity-first mindset throughout the organization, promoting a culture that integrates security as a core value, will guarantee heightened vigilance and bolster its resilience against emerging threats.
Working in Collaboration:
As the saying goes, “All roads lead to Rome.” To triumph over the adversities imposed by cybercriminals, Caesars Entertainment should forge alliances with other industry leaders, regulators, and governments. By pooling resources, sharing best practices, and creating a united front, the collective defense against cyber threats can be effectively strengthened. Collaboration on intelligence sharing and cybersecurity drills can enhance preparedness, allowing the industry to collectively stay one step ahead in this perpetual digital battlefield.
Conclusion:
The Caesars Entertainment data breach serves as a watershed moment, highlighting the omnipresent nature of cyber threats and the vigilance required to withstand them. As this prominent empire weathers the storm, it must recognize the imperative for change, manifesting in an enhanced cybersecurity posture and a culture of resilience. Only by embracing these measures can Caesars Entertainment rebuild broken trust, fortify its digital domain, and continue offering unforgettable experiences under the reassurance of impregnable security.
Article Artificial Intelligence: Transforming Healthcare, Cybersecurity, and Communications
This Forbes article covers the emerging challenges associated with cybersecurity in the healthcare field, especially as it relates to rising advancements in AI technology. According to the article, new AI software is critical in the healthcare industry, as AI software can run and analyze data sets and assist researchers and doctors in making advancements in their fields. These AI tools, as Forbes states, can also be used as a double-edged sword in cyber security, as while it is possible to use AI to automate tasks such as threat monitoring and evaluations, hackers and other malicious actors can also utilize this software to possibly cycle through or test defenses of various systems and breach an organization.
This article was interesting to me because it presents an interesting overview from specialists into a new and ever changing field of research. AI developments are often arising faster than security analysts can keep up and pose a significant risk to the task of protecting info assets. We need to be aware of any and all developments on this front to ensure that the necessary precautions are taken to manage and protect our and our organization’s data.
It will be a catastrophic attack overall if AI fails to detect other software or code embedded in software that penetrates systems, especially in the healthcare industry. Protected medical information records could be up for sale on black webs. Most medical equipment has been alleged to be unsecured, though a lot of effort has been made to correct most weaknesses in that equipment.
Erskine Payton
In the News Article- Week 3
MIS 5206
Temple University
Time to Demand IT Security by Design and Default
This article really hits home for me, having been a consultant and working for an IT vendor. From the gate, Toby Sibley, the author, starts with a cleverly humorous metaphor using a vacuum cleaner as a replacement device: when it gets attacked you take it back to the vendor to repair, and when you need a replacement, you return to the vendor and the cycle starts over again. He also points out that under normal circumstances, we customers would not go for this. I happen to agree. I have known IT vendors that have cut corners and bent the rules and, once the contract is secured, provide subpar service.
Security by Design and Security by Default principles put the onus on the product to defend against a cyber-attack. Security by Default is defined as a product “resilient against prevalent exploitation techniques out of the box without additional charge.” Security by Design means “technology products are built in a way that reasonably protects against malicious cyber actors successfully gaining access to devices, data, and connected infrastructure.” These two principles ensure the vendor shares the responsibility of securing their products and services. If there is an attack, the vendor should share in the cost of the remediation, the author suggests.
Again, I agree. Organizations spend millions on managed services companies to run their IT shops and most are great, but you have some who are flying by just making it and need to be forced out of the game. The article ends by effectively belaboring the point that the IT suppliers and vendors must share the responsibility of security. Security by Design and Security by Default principles are designed to do just that.
Since February 2023, Microsoft has detected a cyber campaign by an Iranian nation-state group called Peach Sandstorm. Organizations in the satellite, defense and medical sectors around the world have been targeted, indicating a desire to gather intelligence for Iranian national purposes. Peach Sandstorm uses a combination of standardized tools readily available after gaining initial penetration through methods such as password spray attacks. Microsoft team’s infrastructure has since evolved, with increasing sophistication in modern cloud-based approaches. Microsoft recommends that organizations reset passwords, disable session cookies, and use multifactor authentication schemes.
Title: Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages
Summary: Researchers at Wiz (a cloud data security startup) identified a significant security breach at Microsoft where 38TB of private data were exposed during a routine update of open-source AI training materials on GitHub. The exposed data included disk backups of two employees’ workstations, corporate secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages. The issue was discovered during internet scans for misconfigured storage containers when Wiz found a GitHub repository belonging to Microsoft’s AI research division. Microsoft had used an Azure feature called SAS tokens to share data, but the link was mistakenly configured to grant access to the entire storage account, including another 38TB of private files. The token also gave read+write permissions instead of read-only, potentially allowing attackers to inject malicious code into their AI models. Microsoft’s security team invalidated the SAS token two days after disclosure and replaced it on GitHub a month later. No customer data was exposed, and Microsoft themselves published a blog post explaining the incident and preventive measures for the future.
Link: https://www.securityweek.com/microsoft-ai-researchers-expose-38tb-of-data-including-keys-passwords-and-internal-messages/
Microsoft Blog Post: https://msrc.microsoft.com/blog/2023/09/microsoft-mitigated-exposure-of-internal-information-in-a-storage-account-due-to-overly-permissive-sas-token/
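The two misconfigurations named in the summary above (a token scoped to the whole storage account, and read+write instead of read-only) can both be read directly from the query string of a SAS URL. The following is an added example, not code from the post, Wiz, or Microsoft; the account name, signature values, dates and the 7-day lifetime threshold are constructed assumptions, and the expiry check goes one step beyond what the summary mentions.

```python
from datetime import datetime, timezone
from urllib.parse import urlparse, parse_qs

# Letters in the `sp` (signed permissions) field that let a holder change data.
MUTATING_PERMISSIONS = {
    "w": "write", "d": "delete", "a": "add", "c": "create", "u": "update",
}
MAX_LIFETIME_DAYS = 7  # assumed policy threshold, not an Azure default


def parse_expiry(value):
    """Parse the `se` field (ISO 8601, UTC) into an aware datetime."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if parsed.tzinfo is None:  # date-only form such as 2023-09-20
        parsed = parsed.replace(tzinfo=timezone.utc)
    return parsed


def audit_sas_url(url, now):
    """Return (code, detail) findings for one SAS URL; [] means nothing flagged."""
    params = {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}
    if "sig" not in params:
        return [("NOT_SAS", "no sig parameter, so this is not a SAS URL")]

    findings = []

    # An account SAS carries `ss` (services) and `srt` (resource types)
    # instead of the `sr` field a blob- or container-scoped SAS uses.
    if "ss" in params and "srt" in params:
        findings.append(("ACCOUNT_SCOPE",
                         f"account SAS covering services '{params['ss']}' "
                         f"and resource types '{params['srt']}'"))
    elif params.get("sr") == "c":
        findings.append(("CONTAINER_SCOPE",
                         "grants access to every blob in the container"))

    granted = [name for letter, name in MUTATING_PERMISSIONS.items()
               if letter in params.get("sp", "")]
    if granted:
        findings.append(("WRITE_ACCESS",
                         "token is not read-only: " + ", ".join(granted)))

    # Tokens without `se` take their expiry from a stored access policy,
    # which cannot be judged from the URL alone, so they are skipped here.
    if "se" in params:
        lifetime_days = (parse_expiry(params["se"]) - now).days
        if lifetime_days > MAX_LIFETIME_DAYS:
            findings.append(("LONG_LIVED",
                             f"valid for another {lifetime_days} days"))
    return findings


# Constructed sample input: neither URL refers to a real account or token.
NOW = datetime(2023, 9, 18, tzinfo=timezone.utc)
SAMPLE_URLS = [
    # Shape of the mistake described above: whole account, read+write.
    "https://examplestorage.blob.core.windows.net/models"
    "?sv=2021-08-06&ss=bfqt&srt=sco&sp=rwdlacup"
    "&se=2040-01-01T00:00:00Z&sig=CONSTRUCTED",
    # What a share link for one file should look like: one blob, read-only.
    "https://examplestorage.blob.core.windows.net/models/weights.bin"
    "?sv=2021-08-06&sr=b&sp=r&se=2023-09-20T00:00:00Z&sig=CONSTRUCTED",
]

if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(urlparse(sample).path)
        for code, detail in audit_sas_url(sample, NOW) or [("OK", "no findings")]:
            print(f"  {code}: {detail}")
```

Running the same check over URLs found in a repository before publishing it is one way to catch a link of this kind before it goes public.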
USDoD Publicizes Data from 2022 South African TransUnion Ransomware Attack
This article expands on the efforts of threat actor, USDoD, and relates to Jeffrey’s article on the Airbus supplier data leak, though Turkish Airlines access is an added factor there. It seems threat actor, USDoD, posted a 3 GB database containing PII of 58,505 individuals on a black hat hacking crime forum. These individuals include the 3200 Airbus vendors mentioned previously. The data dates back to 2022 and includes information on individuals across the Americas and Europe. Apparently, USDoD, who works with the ransomware group, Ransomed, helped execute a ransomware attack back in 2022 demanding $15 million from a South African TransUnion bank after gaining access to their systems by cracking one of the company’s clients’ passwords… “password”. As a response, this TransUnion refuses to pay the ransom and continues to assuage customers by ensuring them that “the incident impacted an isolated server holding limited data from its South African business.” However, it seems USDoD and Ransomed may have the upper hand here due to USDoD’s most recent publication on the hacking crime forum, BreachForums, and a warning that “more victims in the aerospace industry may soon suffer the same fate, including US defense contractors Lockheed Martin and Raytheon.”
According to a new report, 12,000 internet-exposed Juniper firewall devices have been found vulnerable to a recently disclosed remote code execution flaw (CVE-2023-36845). VulnCheck, which discovered the exploit, revealed that this flaw could be leveraged by an unauthenticated remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system. This medium-severity vulnerability affects the J-Web component of Junos OS. Juniper Networks patched it last month in an out-of-cycle update, along with other related CVEs. A proof-of-concept (PoC) exploit has been demonstrated, emphasizing the importance of applying the necessary fixes to mitigate potential threats.
Chidi Okafor says
Topic – Cybersecurity breach at MGM Resorts
This article narrates the story of how MGM Resorts International experienced a shutdown of some casino and hotel computer systems across its U.S. properties due to a “cybersecurity issue” that began on Sunday. The exact impact on reservation systems and casino operations in multiple states, including Las Vegas, remains unclear. The FBI is aware of the incident, and MGM Resorts is actively investigating the issue with external cybersecurity experts. Details about the nature of the problem have not been disclosed, but efforts to protect data involve shutting down certain systems. The investigation is ongoing, and the company provided alternative contact information for customers affected by the issue.
Link – https://www.cbsnews.com/news/mgm-resorts-cyberattack-las-vegas-casino/
Ikenna Alajemba says
“ALPHV,” also known as Black Cat, is allegedly behind the MGM cyberattack. Authorities have not confirmed the report, but this was done using the helpdesk as the weakest link to gain access to MGM systems.
Jeffrey Sullivan says
This is why we should all be hired!!!
Seriously though, when I saw this on the news, I was surprised that they even went as far as shutting the elevators down. Like I stated in my article this week, these groups of thugs have no remorse for human life anymore.
Akiyah says
“ALPHV” first found an employee on LinkedIn and used that information to contact the Helpdesk.
“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000 was defeated by a 10-minute conversation,”
Wow!
Ikenna Alajemba says
https://abcnews.go.com/Business/mgm-reeling-cyber-chaos-5-days-after-attack/story?id=103148809
The Bellagio and the MGM Grand, two of MGM Resorts International’s iconic Las Vegas locations, and the firm announced Thursday morning that it is still attempting to find solutions while Caesars Entertainment, another significant resort operator, disclosed that it was also the victim of a cyberattack.
On Sunday morning, hackers broke into MGM Resorts, blocking access to the chain’s hotels and casinos. Additionally unusable were the ATMs and slot machines, the elevators were broken, and guests had to wait hours to check into their rooms. Even the business’s website is still down.
This exploit shows how a quick call to the help desk allowed hackers to take complete control of MGM systems.
Ikenna Alajemba says
I found out another student already had the same MGM attack incident on MIS before mine.
Ikenna Alajemba says
link: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html
Since June 2023, the Lazarus Group, which has ties to North Korea, has stolen approximately $240 million in cryptocurrencies, a huge increase in its hacking activity.
The famed hacker squad is allegedly suspected of stealing $31 million in digital assets from the CoinEx exchange on September 12, 2023, according to numerous reports from Certik, Elliptic, and ZachXBT.
The crypto robbery intended for CoinEx is the latest in a succession of recent attacks that also cost $100 million for Atomic Wallet, $37.3 million for CoinsPaid, $60 million for Alphapo, and $41 million for Stake.com.
Jeffrey Sullivan says
Jeff Sullivan
In the News- Week 4
MIS 5206
Temple University
https://www.computerweekly.com/news/366552002/Data-on-over-3000-Airbus-suppliers-leaked-after-breach
Data on over 3,000 Airbus suppliers leaked after breach | Computer Weekly
I chose this article as third-party communications is something that stood out to me, especially when I read the case study on Target. A threat actor and alleged ransomware operator that goes by USDoD leaked over 3000 suppliers of aviation giant Airbus after supposedly penetrating the organization’s systems using hacked customer accounts belonging to Turkish Airlines. There were several groups involved and they joined teams on previous attacks as well as fighting against the FBI and other authorities. Besides gaining access to names, addresses, contract details, etc., it gained access to very sensitive data from companies like Rockwell Collins and Thales. They also are trying to target Lockheed Martin and Raytheon. I personally find this very scary as most of those companies have something to do with a plane that flies in the air and could be potentially hacked while in flight. I feel that these groups are ruthless and don’t care about human life or want to hold them ransom and know they can as they have very sensitive data from wiring systems to projects of upcoming aircraft. The article states that, “Info stealer infections as a cybercrime trend surged by an incredible 6,000% since 2018, posting them as the primary initial attack vector used by threat actors to infiltrate organizations and execute cyber-attacks, including ransomware, data breaches, account overtakes and corporate espionage”. This just reinforced why I started this program and the importance of cybersecurity and IT Audit.
—
Jeff Sullivan
Michael Obiukwu says
Actually, the recent revelation of confidential information relating to over 3,000 Airbus suppliers has stirred contemplation within the industry. As evidenced by reports from Computer Weekly, this breach has sparked a discerning perspective on the matter. Maintaining a professional tone, we delve into the implications of this incident.
The leaked data, encompassing valuable details concerning Airbus’ extensive supplier network, necessitates an examination of potential repercussions. While the breach highlights vulnerabilities in the aerospace giant’s security apparatus, it also underscores the criticality of bolstering digital defenses. Information integrity and the safeguarding of proprietary data must remain paramount concerns in the interconnected world we inhabit.
As the ramifications of this data breach ripple through the industry, stakeholders are impelled to critically evaluate their own security measures. Heightened awareness, robust protocols, and collaborative efforts are indispensable for tackling emerging cyber threats. This incident serves as an undeniable reminder for organizations to reinforce their cyber fortifications in order to navigate an increasingly interconnected and vulnerable digital landscape.
Marc Greenberg says
Global Retailers Must Keep an Eye on Their SaaS Stack
Much of today’s critical retail software lives in SaaS apps in the cloud. Securing those applications is crucial to ongoing operations, chain management, and business continuity.
Like we read in this week’s case study about Target, we see in this article that retailers continue to be attacked. The article indicates that 629 retail attacks happened last year.
In this article we are more focused on the Apps. Some of the Apps have openings where you don’t know what’s happening. Some instances may have SSO, require MFA, and provide limited role-based access, while other instances may allow all users to log in locally with only a single factor.
According to the US Chamber of Commerce, nearly 70% of all retail jobs are unfilled, and surveys indicate that 74% of retail workers are planning to switch jobs this year. Those numbers indicate a transient workforce that needs rapid onboarding and even faster de-provisioning from company SaaS applications.
Retail, whether via App, in person, or online, is vulnerable to attacks. The retailers need to keep on top of these threats if they want to sell, as brick and mortar will probably never be like it was 50 years ago and will probably not have the resources it needs to support it. Apps and online purchasing will stay in the forefront in today’s world.
https://thehackernews.com/2023/07/global-retailers-must-keep-eye-on-their.html
Akiyah says
As a follow-up to the news article I posted in Unit 3:
Caesar’s Palace in Las Vegas has acknowledged being breached by the same group that targeted MGM. The company has admitted to paying a ransom to the group to safeguard its consumers’ information. Caesar’s has also taken measures to verify the deletion of stolen data and will continue monitoring the situation.
The question of whether companies should allocate funds to pay ransoms or invest in cybersecurity measures is a complex one.
Ultimately, companies should aim to minimize the risk of breaches through proactive cybersecurity measures. However, they should also be prepared for the possibility of a breach and have a clear plan for responding to such incidents, which may include considering whether or not to pay a ransom. The best strategy depends on the organization’s risk profile, industry, and regulatory requirements.
https://www.pcmag.com/news/after-mgm-resort-hack-caesars-entertainment-also-reports-a-breach
Kelly Conger says
LastPass was hacked (AGAIN!) a few months ago and it looks like it’s starting to pay dividends for the hackers. I have been using LP for years, but this last breach was the straw that broke the camel’s back. An employee using unpatched open-source software was the culprit this time. I have a 30+ character master password so I should be ok, but it might be time to find another password manager.
https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/
Ashley A. Jones says
Wow, just wow. I honestly stopped trusting LastPass back in 2018 when the initial incidents occurred. I stand by that decision 100% but the importance of strong passwords is evergreen. 30+ character, good on you! I stop at around 15 characters haha
Alyanna Inocentes says
https://therecord.media/upstate-new-york-hospitals-ransomware-attack
Two upstate New York nonprofit hospitals, Carthage Area Hospital and Claxton-Hepburn Medical Center, are still struggling to recover from a recent LockBit ransomware attack that disrupted their services for two weeks. The attack forced appointment cancellations and ambulance diversions. While some services have been restored, others remain unavailable. The hospitals are now facing a ransom threat from the attackers. This incident highlights the ongoing threat of ransomware attacks on healthcare institutions, causing disruptions and potentially endangering patients’ lives.
Michael Obiukwu says
https://cybersecuritynews.com/caesars-entertainment-hacked/
Title: Betraying the Empire: Caesars Entertainment’s Catastrophic Data Breach
Introduction:
In a digital age where privacy reigns as a cherished commodity, even the mighty can fall prey to latent vulnerabilities. Regrettably, Caesars Entertainment, a prominent name in the realm of luxury casinos and resorts, recently suffered a colossal blow as nefarious actors managed to breach their digital fortress, absconding with a staggering 6 terabytes of valuable data. This incident, exposing deep-seated security flaws within the empire’s cyber defense, serves as an unsettling reminder of the urgent need for enhanced digital shielding.
The Intrusion:
On an unfortunate day, unbeknownst to Caesars Entertainment, an astute cybercriminal collective managed to navigate the labyrinth of safeguards and infiltrate the empire’s fortified systems. Operating covertly under the radar, they embarked on an audacious data heist, plundering over 6TB of sensitive information residing within the organization’s digital fabric. This treasure trove consisted of customer records, including personal identification information, financial data, and other confidential records. The sheer scale of this breach casts a shadow over the organization’s integrity and raises concerns about the privacy of their loyal patrons.
Consequences of the Breach:
Caesars Entertainment’s data breach has multifaceted implications, rippling through the carefully woven fabric of its operations, reputation, and the trust of its stakeholders. The immediate ramifications include the potentially irreversible damage to the empire’s reputation as a safe haven for indulgence and world-class entertainment. Customers, disheartened by the invasion of their privacy, may begin to question the loyalty and trust they once placed in the organization. The dire impact on the bottom line should not be underestimated either, as the potential loss of customers, legal ramifications, and the enormous cost of remediation and implementing enhanced security measures can all take their toll.
Addressing the Fallout:
In the aftermath of this catastrophic breach, Caesars Entertainment, embracing the mantle of responsibility, must undertake prompt and comprehensive actions to mitigate the damage. The empire must proactively notify and assist all affected customers in securing their compromised data. Open, transparent communication is crucial to rebuilding trust, as the organization must demonstrate genuine commitment to redress the situation. Furthermore, Caesars Entertainment needs to fortify its defense mechanisms, harnessing the expertise of leading cybersecurity professionals to identify vulnerabilities and implement robust measures that adequately safeguard its digital ecosystem.
Embracing Digital Fortifications:
To prevent future breaches, Caesars Entertainment should embark upon a multifaceted approach entailing both technical and cultural transformations. Implementing advanced encryption protocols, multi-factor authentication, and continuous monitoring systems could serve as intrepid digital guardians defending against any future onslaughts. Additionally, instilling a cybersecurity-first mindset throughout the organization, promoting a culture that integrates security as a core value, will guarantee heightened vigilance and bolster its resilience against emerging threats.
Working in Collaboration:
As the saying goes, “All roads lead to Rome.” To triumph over the adversities imposed by cybercriminals, Caesars Entertainment should forge alliances with other industry leaders, regulators, and governments. By pooling resources, sharing best practices, and creating a united front, the collective defense against cyber threats can be effectively strengthened. Collaboration on intelligence sharing and cybersecurity drills can enhance preparedness, allowing the industry to collectively stay one step ahead in this perpetual digital battlefield.
Conclusion:
The Caesars Entertainment data breach serves as a watershed moment, highlighting the omnipresent nature of cyber threats and the vigilance required to withstand them. As this prominent empire weathers the storm, it must recognize the imperative for change, manifesting in an enhanced cybersecurity posture and a culture of resilience. Only by embracing these measures can Caesars Entertainment rebuild broken trust, fortify its digital domain, and continue offering unforgettable experiences under the reassurance of impregnable security.
Andrew Young says
Article Artificial Intelligence: Transforming Healthcare, Cybersecurity, and Communications
This Forbes article covers the emerging challenges associated with cybersecurity in the healthcare field, especially as they relate to rising advancements in AI technology. According to the article, new AI software is critical in the healthcare industry, as AI software can run and analyze data sets and assist researchers and doctors in making advancements in their fields. These AI tools, as Forbes states, can also be a double-edged sword in cybersecurity: while it is possible to use AI to automate tasks such as threat monitoring and evaluations, hackers and other malicious actors can also utilize this software to possibly cycle through or test defenses of various systems and breach an organization.
This article was interesting to me because it presents an interesting overview from specialists into a new and ever changing field of research. AI developments are often arising faster than security analysts can keep up and pose a significant risk to the task of protecting info assets. We need to be aware of any and all developments on this front to ensure that the necessary precautions are taken to manage and protect our and our organization’s data.
https://www.forbes.com/sites/chuckbrooks/2023/09/04/artificial-intelligence-transforming-healthcare-cybersecurity-and-communications/?sh=30061bdc71f6
Ikenna Alajemba says
It will be a catastrophic attack overall if AI fails to detect other software or code embedded in software that penetrates systems, especially in the healthcare industry. Protected medical information records could be up for sale on black webs. Most medical equipment has been alleged to be unsecured, though a lot of effort has been made to correct most weaknesses in that equipment.
Erskine Payton says
Erskine Payton
In the News Article- Week 3
MIS 5206
Temple University
Time to Demand IT Security by Design and Default
This article really hits home for me, having been a consultant and worked for an IT vendor. From the gate, Toby Sibley, the author, starts with a cleverly humorous metaphor using a vacuum cleaner as a replacement device: when it gets attacked you take it back to the vendor to repair, and when you need a replacement, you return to the vendor and the cycle starts over again. He also points out that under normal circumstances, we customers would not go for this. I happen to agree. I have known IT vendors that have cut corners and bent the rules and, once the contract is secured, provide subpar service.
Security by Design and Security by Default principles put the onus on the product to protect against a cyber-attack. Security by Default is defined as a product “resilient against prevalent exploitation techniques out of the box without additional charge.” Security by Design: “technology products are built in a way that reasonably protects against malicious cyber actors successfully gaining access to devices, data, and connected infrastructure.” These two principles ensure the vendor shares the responsibility of securing their products and services. If there is an attack, the vendor should share in the cost of the remediation, the author suggests.
Again, I agree. Organizations spend millions on managed services companies to run their IT shops and most are great, but you have some who are flying by, just making it, and need to be forced out of the game. The article ends by effectively belaboring the point that IT suppliers and vendors must share the responsibility of security. Security by Design and Security by Default principles are designed to do just that.
https://www.infosecurity-magazine.com/opinions/demanding-it-security-design/
Unnati Singla says
Title and Link:
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets
https://www.microsoft.com/en-us/security/blog/2023/09/14/peach-sandstorm-password-spray-campaigns-enable-intelligence-collection-at-high-value-targets/?utm_source=tldrinfosec
Since February 2023, Microsoft has detected a cyber campaign by an Iranian nation-state group called Peach Sandstorm. Organizations in the satellite, defense and medical sectors around the world have been targeted, indicating a desire to gather intelligence for Iranian national purposes. Peach Sandstorm uses a combination of standardized tools readily available after gaining initial penetration through methods such as password spray attacks. Microsoft team’s infrastructure has since evolved, with increasing sophistication in modern cloud-based approaches. Microsoft recommends that organizations reset passwords, disable session cookies, and use multifactor authentication schemes.
Alex Ruiz says
Title: Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages
Summary: Researchers at Wiz (a cloud data security startup) identified a significant security breach at Microsoft where 38TB of private data were exposed during a routine update of open-source AI training materials on GitHub. The exposed data included disk backups of two employees’ workstations, corporate secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages. The issue was discovered during internet scans for misconfigured storage containers when Wiz found a GitHub repository belonging to Microsoft’s AI research division. Microsoft had used an Azure feature called SAS tokens to share data, but the link was mistakenly configured to grant access to the entire storage account, including another 38TB of private files. The token also gave read+write permissions instead of read-only, potentially allowing attackers to inject malicious code into their AI models. Microsoft’s security team invalidated the SAS token two days after disclosure and replaced it on GitHub a month later. No customer data was exposed, and Microsoft themselves published a blog post explaining the incident and preventive measures for the future.
Link: https://www.securityweek.com/microsoft-ai-researchers-expose-38tb-of-data-including-keys-passwords-and-internal-messages/
Microsoft Blog Post: https://msrc.microsoft.com/blog/2023/09/microsoft-mitigated-exposure-of-internal-information-in-a-storage-account-due-to-overly-permissive-sas-token/
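The two faults named in the summary above (a token scoped to the whole storage account, and write permission where read-only was intended) are both visible in a SAS URL's query string. The following is an added example, not part of the original comment and not Microsoft's or Wiz's tooling: a Python audit of SAS URLs. The sample URLs, account name, clock and the 7-day lifetime threshold are constructed assumptions, and the lifetime check goes beyond what the summary describes.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlsplit

READ_ONLY = set("rl")  # read, list; any other letter in sp can change data

# Constructed sample URLs (hypothetical account, placeholder signatures).
SAMPLE_RISKY = ("https://exampleacct.blob.core.windows.net/models"
                "?sv=2021-08-06&ss=b&srt=sco&sp=rwdlac"
                "&se=2030-01-01T00%3A00%3A00Z&spr=https&sig=PLACEHOLDER")
SAMPLE_SCOPED = ("https://exampleacct.blob.core.windows.net/models/weights.bin"
                 "?sv=2021-08-06&sr=b&sp=r"
                 "&se=2023-09-20T00%3A00%3A00Z&spr=https&sig=PLACEHOLDER")
NOW = datetime(2023, 9, 18, tzinfo=timezone.utc)  # fixed clock for the demo


def parse_expiry(value):
    """Parse the ISO 8601 UTC forms used in the 'se' (expiry) field."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)


def audit_sas_url(url, now, max_lifetime=timedelta(days=7)):
    """Return (code, detail) findings for one SAS URL; empty list = clean."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    if "sig" not in q:
        return [("not-a-sas", "no sig parameter")]
    findings = []
    # An account SAS carries ss/srt and applies across the listed services
    # of the storage account; a service SAS carries sr for one resource.
    if "ss" in q and "srt" in q:
        findings.append(("account-scope", f"ss={q['ss']} srt={q['srt']}"))
    extra = sorted(set(q.get("sp", "")) - READ_ONLY)
    if extra:
        findings.append(("write-access", "sp also grants " + "".join(extra)))
    # Tokens tied to a stored access policy (si) keep expiry server-side.
    if "se" in q:
        remaining = parse_expiry(q["se"]) - now
        if remaining > max_lifetime:
            findings.append(("long-lived", f"{remaining.days} days left"))
    elif "si" not in q:
        findings.append(("no-expiry", "no se and no stored policy"))
    return findings


if __name__ == "__main__":
    for url in (SAMPLE_RISKY, SAMPLE_SCOPED):
        print(urlsplit(url).path, audit_sas_url(url, NOW))
```

Run over URLs found in repositories, wikis or chat exports, a check like this flags shared links before they are published; it does not validate the signature or resolve stored access policies.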
Ashley A. Jones says
USDoD Publicizes Data from 2022 South African TransUnion Ransomware Attack
This article expands on the efforts of threat actor USDoD and relates to Jeffrey’s article on the Airbus supplier data leak, though Turkish Airlines access is an added factor there. It seems threat actor USDoD posted a 3 GB database containing PII of 58,505 individuals on a black hat hacking crime forum. These individuals include the 3200 Airbus vendors mentioned previously. The data dates back to 2022 and includes information on individuals across the Americas and Europe. Apparently, USDoD, who works with the ransomware group Ransomed, helped execute a ransomware attack back in 2022 demanding $15 million from a South African TransUnion bank after gaining access to their systems by cracking one of the company’s clients’ passwords… “password”. As a response, this TransUnion refuses to pay the ransom and continues to assuage customers by assuring them that “the incident impacted an isolated server holding limited data from its South African business.” However, it seems USDoD and Ransomed may have the upper hand here due to USDoD’s most recent publication on the hacking crime forum, BreachForums, and a warning that “more victims in the aerospace industry may soon suffer the same fate, including US defense contractors Lockheed Martin and Raytheon.”
Article link: Threat Actor Claims Major TransUnion Customer Data Breach – Infosecurity Magazine (infosecurity-magazine.com) – https://www.infosecurity-magazine.com/news/threat-actor-transunion-customer/
Subarticle link: Hackers demand $15 million ransom from TransUnion after cracking “password” password (bitdefender.com) – https://www.bitdefender.com/blog/hotforsecurity/hackers-demand-15-million-ransom-from-transunion-after-cracking-password-password/
Akintunde Akinmusire says
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html
According to a new report, 12,000 internet-exposed Juniper firewall devices have been found vulnerable to a recently disclosed remote code execution flaw (CVE-2023-36845). VulnCheck, which discovered the exploit, revealed that this flaw could be leveraged by an unauthenticated remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system. This medium-severity vulnerability affects the J-Web component of Junos OS. Juniper Networks patched it last month in an out-of-cycle update, along with other related CVEs. A proof-of-concept (PoC) exploit has been demonstrated, emphasizing the importance of applying the necessary fixes to mitigate potential threats.