MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack

The Bellagio and Mandalay Bay casino operator said hotel occupancies are down and certain customer data up to March 2019 was stolen. 

By David Jones • Oct. 6, 2023

Clorox warns of quarterly loss related to August cyberattack, production delays

The company expects a significant financial impact stemming from the recent cyberattack, which is reportedly linked to the Scattered Spider threat group.

By David Jones • Oct. 5, 2023

Estes reports cyberattack caused ongoing tech outage

The Richmond-based LTL carrier said its drivers and dockworkers are continuing to move customers' freight.

By Colin Campbell • Oct. 5, 2023

Cyberattack against Johnson Controls sparks downstream concerns

Worries mounted quickly after the attack on the building automation and industrial control systems vendor, which works extensively with multiple federal agencies.

By Matt Kapko • Oct. 5, 2023

Multiple exploits hit Progress Software’s WS_FTP Server

A Progress spokesperson criticized unnamed third parties for releasing a proof of concept that "provided threat actors a roadmap on how to exploit the vulnerabilities."

By Matt Kapko • Oct. 3, 2023

Clorox resumes normal plant operations in the wake of cyberattack

The Pine-Sol maker said it was scaling up production to replenish inventories following an extended product shortage.

By David Jones • Oct. 2, 2023

Johnson Controls hit by ‘severe’ cyberattack

The manufacturer of industrial control systems, security systems and HVAC equipment, said it’s still assessing what information was impacted.

By Matt Kapko • Sept. 28, 2023

Progress Software says business impact ‘minimal’ from MOVEit attack spree

While the company reported $951,000 in cyber incident and vulnerability response expenses for its third quarter, they represent just a sliver of its revenue.

By Matt Kapko • Sept. 28, 2023

Caesars Entertainment faces class action lawsuits following rewards database hack

At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups. 

By David Jones • Sept. 27, 2023

Campbell Soup says summer cyberattack caused limited business impact

The company will incur some costs, but it considers the disruption nonmaterial.

By David Jones • Sept. 26, 2023

Royal lurked in Dallas’ systems weeks before ransomware attack

The prolific threat actor gained initial access on April 7 and stole almost 1.2 TB of data before it deployed ransomware on May 3, city officials said in a post-attack report.

By Matt Kapko • Sept. 25, 2023

MGM Resorts warns customers of fraud as it faces class action lawsuits

The plaintiffs claim the company was negligent for failing to protect customer data despite prior warnings about previous attacks.

By David Jones • Sept. 25, 2023

Guard against SMS phishing in your organization

How to Guard Against SMS Phishing In Your Organization with Secure Service Desk Verification.

Sept. 25, 2023

MGM Resorts says hotel, casino operations back up and running

The company was still working to restore online functionality for hotel reservations and rewards program users following a major cyberattack.

By David Jones • Sept. 21, 2023

Clorox warns of product shortages a month after disclosing cyberattack

The household product maker said the incident damaged IT systems and will have a material effect on its fiscal Q1 performance.

By David Jones • Sept. 18, 2023

MGM, Caesars attacks raise new concerns about social engineering tactics

Multiple threat groups have employed the same criminal tool kit to target vulnerable systems.

By David Jones • Sept. 18, 2023

Decoding the complexities around Cloud Incident Response

Unleash the power of the cloud with its countless advantages while staying ahead of cyber threats.

By Ashlie Blanca, Consulting Director, Unit 42, Palo Alto Networks • Sept. 18, 2023

Threat actors claim to have compromised MGM Resorts’ Okta environment

AlphV may have used tactics similar to social engineering attacks disclosed by Okta in regulatory filing. 

By David Jones • Sept. 15, 2023

MGM Resorts disruption linked to recent attacks against hospitality industry

Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.

By David Jones • Sept. 14, 2023

MGM Resorts discloses cyber incident in filing with SEC

Moody’s Investors Service called the cyber incident credit negative, and MGM is still taking steps to protect data and fully secure business operations. 

By David Jones • Sept. 13, 2023

Compromised credential use jumps 300% in cloud intrusions: IBM

Valid credentials are also a hot commodity in the cybercrime marketplace, accounting for the vast majority, almost 90%, of assets for sale on the dark web, IBM found.

By Matt Kapko • Sept. 13, 2023

MGM Resorts takes systems offline as it investigates cyberattack

The company restored full operations to dining, gaming and entertainment venues Monday night, following earlier reports payment systems, digital room keys and reservations systems were down at multiple properties. 

By David Jones • Updated Sept. 12, 2023

Aviation sector organization hit by exploit of CVE duo

Cybersecurity authorities investigated the attack by multiple threat actors who exploited known CVEs in Zoho and Fortinet products.

By Matt Kapko • Sept. 8, 2023

Microsoft crash dump exposed key that led to US cabinet email hacks, investigation finds

A China-based threat group used the key to access a Microsoft engineer’s corporate account and, later, compromised more than two dozen customer email accounts.

By David Jones • Sept. 7, 2023

BEC phishing kit hits thousands of Microsoft 365 business accounts

Threat actors used the W3LL phishing kit to target more than 56,000 accounts, ultimately compromising 14% of them since last October, Group-IB found.

By Matt Kapko • Sept. 7, 2023