"MGM Resorts recently identified a cybersecurity issue affecting some of the company's systems," the company wrote in a statement. It said the company "took prompt action to protect our systems and data, including shutting down certain systems" in response to the attack. MGM Resorts has not confirmed how widespread the shut down is, what systems have been affected or other details about the incident.

Customer anecdotes report issues making reservations, using ATM machines, playing certain games and mobile key entry into hotel rooms, but Engadget has not independently confirmed these reports. While MGM Resorts informed the Las Vegas Metropolitan Police Department about the incident, the department said in a statement that these types of incidents are typically passed along to federal agencies.

The post MGM Resorts hit by 'cybersecurity issue,' leading to massive outage appeared first on Best News.

Members of the hacking group are reportedly located in the US and UK and are as young as 19 years old. They began targeting Caesars as early as August 27th, and obtained access to an outside vendor before entering the company's network, according to the report. Caesars is expected to disclose the attack "imminently" in a regulatory filing.

Scattered Spider has reportedly been activate since May of 2022, and has largely attacked telecom and business outsourcing organizations, according to Trellix. The group is known to impersonate IT personnel and uses social engineering to persuade company officials to rum remote monitoring and other tools. From there, they exploit vulnerabilities and use tools like "Stonestop" to evade security software. Security Week describes them as a "financially-motivated threat actor."

The group has been implicated in the MGM Resorts cyber outage as well, though another ransomware group called ALPHV/BlackCat also took credit. ALPHV also claims to have used social engineering to get inside, saying it took just a ten minute conversation to gain access. MGM has reportedly declined to pay the demanded ransom.

The post Caesars reportedly paid millions to stop hackers releasing its data appeared first on Best News.

The ALPHV ransomware group took credit for the attack shortly after systems went offline. The group claimed it used social engineering tactics, or gaining trust from employees to get information, to access systems. Once a group gains access, they usually demand a sum of money in exchange for access or information.

After the MGM attack went public, reports started surfacing that competitor Caesars Entertainment, which also owns casinos across the Las Vegas strip, recently suffered a similar attack. But unlike MGM, Caesars reportedly paid "tens of millions of dollars" to the hackers that threatened to release company data to avoid damage. Another ransomware group, Scattered Spider, took credit for that attack. Scattered Spider also took credit for the MGM attack, but responsibility is notoriously difficult to verify without security researchers because hackers are motivated to claim as much damage as they can.

The attacks both started through identity management vendor Okta. MGM and Caesars both use the service, and the company confirmed hackers were able to use its tech as an access vector. The full extent of the damage remains unclear. At least three other Okta clients have been hit by cyberattacks, David Bradbury, chief security officer of the company, told Reuters.

"There has been no compromise or breach of Okta systems and the Okta service remains fully operational and secure. We are available to assist MGM in any way we can," an Okta spokesperson told Engadget. "We have seen social engineering attacks involving a threat actor calling an organization's help desk, impersonating an employee, and persuading the help desk to reset MFA for a highly privileged account. The Okta blogs provide preventative measures along with our threat intelligence and we encourage our customers to review the posts and take appropriate action."

MGM did not respond to a request for comment on any data leak implications possibly stemming from the attack or whether backend systems such as employee accounts are back up and running.

The post MGM says its hotels and casinos are back up and running appeared first on Best News.

Leave the World Behind stars Julia Roberts, Ethan Hawke, Mahershala Ali and Kevin Bacon, which is a whole lot of star power. As for the plot, this is an Esmail joint, so it’s likely best to go in fresh, but Netflix did drop a tantalizingly simple story premise: a “family’s vacation is upended when two strangers arrive at night, seeking refuge from a cyberattack that grows more terrifying by the minute.”

The synopsis calls to mind M. Night Shyamalan’s Knock at the Cabin, and both films do have something in common—They’re based on books. The similarly-named Leave the World Behind novel was penned by renowned author Rumaan Alam and has been praised by publications like NY Times, USA Today, Esquire and many more. On the plus side, we know the movie will have a proper ending to work with. On the down side, spoilers will be tough to avoid, so exercise caution when surfing the endless web.

The movie continues Netflix’s recent dual-release strategy as seen with Glass Onion: A Knives Out Mystery, Marriage Story, The Irishman and other high-profile features. Leave the World Behind starts a two-week exclusive run at movie theaters on November 22 before premiering on the popular streaming service on December 8. This isn’t the first movie written and directed by Esmail. Just before booking Mr. Robot, he created a romance film called Comet about parallel universes.

This article contains affiliate links; if you click such a link and make a purchase, we may earn a commission.

The post Cyberattack thriller from the creator of Mr. Robot gets a star-studded trailer appeared first on Best News.

The cyber incident impacted warehouse management, invoice and other delivery systems, according to Venhuizen's memo. "The impact of this incident is resulting in disruptions to your shipments," Venhuizen wrote. An update issued on Monday urged stores to stay open, and confirmed there were no known impacts to its in-store payment and service systems.

Out of the company's 1,400 servers and 3,500 networked devices, 1,202 were impacted by the attack, according to a notice obtained by Bleeping Computer. About half had been restored as of early Thursday morning. "This frustration and all of this effort is the direct result of a malicious cyber attack on Ace," the update said. "This was perpetuated by criminals. Though they are hiding in this shadows, they are no different than thugs who break into your store attempting to steal your stuff." The details of the attack, such as who is responsible and how they accessed the systems, hasn't been confirmed yet.

Ace Hardware also warned retailers to be aware of cybercriminals trying to take advantage of the chaos by spoofing email updates or trying to remotely access in-store systems. Ace Hardware operates on a retailer-owned model, in which store owners form the cooperative of shareholders behind the retail giant. The retailer operates more than 5,800 stores.

The post Ace Hardware's online ordering and other systems are still down due to a suspected cyberattack appeared first on Best News.

Canada’s largest zoo is investigating the attacker’s motives and possible damage to its systems. It’s unclear if any guest, member, donor or employee records were impacted. Toronto Zoo did, however, say it does not store any credit card information, so past visitors wouldn’t have to worry about that. The zoo remains open for normal operations, and its website is still up and running.

“Unfortunately, these incidents are becoming more and more common and we are grateful we took steps over the past few years to upgrade our technology infrastructure,” Toronto Zoo said in a statement. It contacted the city, local police and third-party experts to help with its investigations.

But questions remain, like why would attackers target a zoo? Money usually motivates hackers, and the zoo does bring in a lot. Besides millions in donations for various projects and government grants, it also generates revenue from its 750,000 visitors each year.

Zoos have been a target of attacks in the past, too. A cyberattack hit ZooTampa in July 2023 and the Louisville Zoo in 2022, allegedly targeting visitors’ personal information. In 2015, two dozen zoos in the United States faced a coordinated attack against a vendor going after visitor credit and debit card information.

The post Toronto Zoo hit by a cyberattack, but don't worry, the hackers didn't go after the animals appeared first on Best News.

Look at the 23andMe breach affecting nearly 7 million users. While not every account was compromised via credential stuffing, it was how the hackers initially got in, and then they used a social feature called DNA Relatives to keep going. Hackers gained access to sensitive information like full names and locations, specifically targeting groups like Ashkenazi people, offering the data for sale in bulk online.

Hacking conjures an image of sophisticated, high tech break-ins, but what makes credential stuffing so lucrative is that it’s surprisingly “pretty unsophisticated,” Rob Shavell, CEO of online personal information removal service DeleteMe, told Engadget. Hackers will use educated guesses to figure out your password, or just buy old passwords from leaks online to see if they work for different accounts. Tactics used by hackers include using personal information found online to guess passwords or asking a generative AI program to come up with usable variations on a password to get into an account.

Companies frequently fail to protect your data, sticking you with the burden of preventing credential stuffing accounts to the best of your ability. In fact, credential stuffing has become so prevalent, that you’ve likely already fallen victim. Nearly a quarter of all login attempts last year met the criteria for credential stuffing, according to security company Okta’s 2023 State of Secure Identity Report that surveyed more than 800 IT and security decision-makers across fields. Verizon’s 2023 analysis of data breaches found that about half of breaches involved stolen credentials. Checking an email address on sites like Have I Been Pwned can show you which passwords may have been compromised, meaning if you’ve reused it on another account, it could be a matter of time until hackers try to use it to get in.

Credential stuffing works because we tend to stick to certain patterns when creating passwords, like using your mother’s maiden name or a childhood address, with small variations to make them easier to remember. “Because we’re lazy, and because we have 50 passwords now, it is the default to just pick one password and use it many places,” chief information security officer at cloud company Akamai Steve Winterfeld said. “The problem is you then are not taking appropriate risk measures.”

That level of risk varies widely. The one-off account you used to try out World of Warcraft years ago and doesn’t have any personal or financial information attached to it probably doesn’t concern you. But hackers are betting you’ve reused an email, username and password for a more lucrative account, like your bank or social media, and they will use credential stuffing to get in. “I have one username and password that I use for things that I’m okay if they’re compromised … that would not financially or brand impact me,” Winterfeld said.

Minimizing the risks you’re taking online by using strong passwords will make it a lot more manageable to start protecting yourself against credential stuffing. Changing passwords frequently, or making the switch to passkeys, can also help. There are other ways you can protect yourself, too, as companies have made it clear that they’ll do anything in their power to shirk responsibility for protecting your information.

First, understand that once a credential is leaked, it can be used to gain access to other accounts, Frank Teruel, CFO at bot prevention firm Arkose Labs, said. So, change passwords for any accounts where you may have repeated it, especially high-profile targets linked to financial or other sensitive institutions. This is where a password manager comes in handy, because some will even flag if a password has been found in a breach and suggest that you change it to a stronger option.

Taking some time to purge accounts you no longer use will greatly reduce the number of password leaks to worry about, too, Teruel said. In the meantime, make it a habit not to reuse passwords or small variations on them, and to change passwords frequently to limit risk.

The post What is credential stuffing and how do you keep your accounts safe from it appeared first on Best News.

Initially, VF Corp warned customers that the cyberattack it experienced in December could have an impact on its holiday order fulfillment. The company said "unauthorized occurrences" on its IT systems caused operational disruptions, and the attackers likely stole personal information. Now, it's come out just how widespread the damage from the attack could be.

VF Corp did not respond to a request for comment clarifying what type of data the hackers stole. In the SEC filing, however, the company said it did not collect consumer social security numbers, bank account information or payment card information, and that there is no evidence the hackers stole passwords. It also said that the unauthorized users were "ejected" from its systems by December 15, after being discovered two days earlier.

"Since the filing of the Original Report, VF has substantially restored the IT systems and data that were impacted by the cyber incident, but continues to work through minor operational impacts," the latest filing states. VF still has not confirmed who was behind the attack.

The post Apparel supplier for North Face, Vans admits its cyberattack led to a data breach of 35 million customers appeared first on Best News.

"There is no evidence of fraud or inappropriate use of the information from those files," a statement from CMU said. Still, the attackers likely accessed and copied data that included names, social security numbers and birth dates. With help from law enforcement, CMU disabled any access to that copied data, according to the school.

It started on August 25 when unauthorized users accessed CMU's systems. The university says it began recovery processes and an investigation into the incident that included months later in December, while notifications to impacted parties began to go out last week. Impacted parties will receive credit monitoring services to mitigate further damage.

CMU did not respond to a request for comment and further information about the attack by the time of publication.

The post Carnegie Mellon reveals it was hit by a cyberattack over the summer appeared first on Best News.

LoanDepot first revealed it has fallen victim to attack on January 8. The company took some IT systems offline, but it faced a slow recovery. Customers took to social media to complain payment issues, struggles to access their accounts and even trouble closing deals on mortgages. By Friday, about two weeks since LoanDepot first came forward about the incident, systems like customer portals and other internal sites returned back online. It appears that LoanDepot fell victim to a ransomware attack, where hackers demand money in exchange for access or information, according to reporting from TechCrunch.

"Unfortunately, we live in a world where these types of attacks are increasingly frequent and sophisticated, and our industry has not been spared. We sincerely regret any impact to our customers,” LoanDepot CEO Frank Martell said in a statement.

Still, the true aftermath of the attack is still coming to light. LoanDepot did not provide additional comment, or explain what types of sensitive information may have been revealed. It did say it would offer free credit monitoring and identity protection services to impacted customers. Notably, three other major financial institutions — Mr. Cooper Group, Fidelity National Financial, First American Financial — have also been hit by cyberattacks in recent months.

The post LoanDepot discloses that hackers breached personal data of 16 million customers appeared first on Best News.