DIRS.INFO The most relevant business & tech news

☆ Hackers are now targeting the children of corporate executives in elaborate ransomware attacks
▼ + stars: | 2024-05-12 | by ( Kenneth Niemeyer | ) www.businessinsider.com time to read: +1 min

Ransomware attackers are targeting children's phones to extort big companies. As companies improve defenses, attackers are becoming more creative, security experts say. AdvertisementIt's 10 p.m., do you know where your children's phones are? Hackers are even going so far as to target the children of corporate executives in the hopes of holding personal information ransom — an attack known as ransomware. This story is available exclusively to Business Insider subscribers.

Persons: Charles Carmakal, —, Mandiant Organizations: Service, Google, Business

☆ Caesars and MGM grapple with cybeattacks as their security in Vegas falls under scrutiny
▼ + stars: | 2023-09-14 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +3 min

CNN —Hackers stole Social Security numbers and driver’s license numbers from a “significant number” of loyalty program customers of Caesars Entertainment, the hospitality and casino giant said Thursday. The hackers broke into computer systems via “a social engineering attack” on an IT support contractor, according to the filing. “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars Entertainment said. The company said on Monday, when news of the incident broke, that it had shut down certain computer systems to protect its data. Bloomberg News reported on Wednesday that Scattered Spider was responsible for the pair of cyberattacks on Caesars Entertainment and MGM Resorts.

Persons: “, ”, Charles Carmakal, Mandiant, Rachel Tobac Organizations: CNN, Caesars Entertainment, MGM Resorts, Securities and Exchange Commission, FBI, Mandiant Consulting, Google, Bloomberg, SocialProof Locations: Vegas, Las Vegas, United States, United Kingdom

☆ MGM Resorts is still suffering from a massive outage after a notorious group of young hackers apparently tricked workers into handing over access to the company's network
▼ + stars: | 2023-09-14 | by ( Will Gendron | ) www.businessinsider.com time to read: +5 min

MGM Resorts and Caesars Entertainment were compromised by data breaches within weeks of each other. Scattered Spider, the hacking group, tricks people into handing over access to private systems. A cybersecurity expert says Scattered Spider is comprised of mostly young adults from the US and UK. MGM Resorts followed suit, filing its own Form-8K with the SEC. MGM Resorts and Caesars Entertainment both did not immediately respond to Insider's request for comment.

Persons: Charles Carmakal, Carmakal Organizations: MGM Resorts, Caesars Entertainment, US, Service, MGM, Las Vegas . Bloomberg, Caesars, Bloomberg, CNBC, TechCrunch, Mandiant Inc, Google, LinkedIn, US Securities and Exchange Commission, SEC, US Treasury Department Locations: Wall, Silicon, Las Vegas, New York, Vegas, United States

LAS VEGAS (AP) — Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted. Caesars is the largest casino owner in the world, with more than 65 million Caesars Rewards members and properties in 18 states and Canada under the Caesars, Harrah’s, Horseshoe and Eldorado brands. MGM Resorts said reservations and casino floors in Las Vegas and other states were affected. MGM Resorts has has about 40 million loyalty rewards members and tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Aria and Mandalay Bay. Some MGM Resorts computer systems were still down Thursday, including hotel reservations and payroll.

Persons: “, ”, ” Brett Callow, Emsisoft, Callow, Charles Carmakal, ” Carmakal, Mandiant, ” Mandiant, Brian Ahern, pinky, ’ ”, Frank Bajak Organizations: LAS VEGAS, —, Caesars Entertainment, Las, MGM Resorts International, Securities and Exchange Commission, Social, New, MGM Resorts, “, Caesars, Associated Press, SEC, MGM, Aria, FBI, CNA Financial Locations: Las Vegas, Reno, New Zealand, Russia, U.S, Canada, Harrah’s, Eldorado, Mandalay, China, Macau, British Columbia, Boston

The cybercrime group has made a ransom demand to MGM as well, those sources told CNBC's Contessa Brewer. The 8-K report, similar to one filed by MGM Resorts on Wednesday, acknowledges the hack as a material event. The cybercrime group demanded a $30 million ransom from Caesars, but the company ultimately agreed to pay about half that, sources said. Bloomberg previously reported the ransom and that the same group is behind the attacks on both companies. It wasn't immediately clear why Caesars delayed filing the report disclosing the hack and ransom for weeks.

Persons: CNBC's Contessa Brewer, Charles Carmakal Organizations: Caesars, CNBC, MGM, U.S . Securities, Exchange, MGM Resorts, Google, Bloomberg, vx, Twitter, Security, SEC Locations: United States, Twilio

☆ Chinese intelligence hacked State Department emails in ‘significant’ breach
▼ + stars: | 2023-07-12 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +4 min

US National Security Council Coordinator for Strategic Communications John Kirby speaks during the daily briefing in the James S Brady Press Briefing Room of the White House in Washington, DC, on June 5, 2023. Chinese intelligence hacked into Microsoft email accounts belonging to two dozen government agencies, including the State Department, in the United States and Western Europe in a "significant" breach, according to Microsoft and U.S. national security officials. "The Senate Intelligence Committee is closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence," Sen. Mark Warner, D-VA, and chair of the Select Committee on Intelligence said Wednesday. The compromise was "mitigated" by Microsoft cybersecurity teams after it was first reported to the company in mid-June 2023, Microsoft said in a pair of blog posts about the incidents. It's also a timely example of the kind of threat that U.S. national security officials have been warning about for months and years.

Persons: Strategic Communications John Kirby, James, Brady, Sen, Mark Warner, Mandiant, Charles Carmakal, Adam Hodge, Covington Organizations: National Security, Strategic Communications, White, Microsoft, State Department, Senate Intelligence, Intelligence, U.S, Warner, of State, CNBC, National Security Council, FBI, Infrastructure Security Agency, Security, Wall Street Locations: Washington ,, United States, Western Europe, China, Burling, Guam, It's, U.S

The total number of recent victims from the online extortion ring has reached 121 organizations, according to Brett Callow, whose cybersecurity company Emsisoft helps companies respond to digital shakedown attempts. In 2021, Ukrainian authorities announced the arrests of six people tied to cl0p, but it's not clear that they were core members of the group, which continued to hack victims. Plundering file transfer protocols has become increasingly popular as hackers shift from encrypting data to simply stealing files and threatening to release them unless a ransom is paid. Many of the organizations stress that the target of the hack is the file transfer service, not their systems. The FBI said it was "aware of and investigating the recent exploitation of a MOVEit vulnerability by malicious ransomware actors."

Persons: Brett Callow, encrypting, TrendMicro, didn't, Cl0p, Emsisoft, Charles Carmakal, Raphael Satter, Christopher Bing, James Pearson, Cynthia Osterman Organizations: University of California, Siemens Energy, Abbvie Inc, Schneider, Publicly, Sony, Shell PLC, Government, U.S . Energy Department, Alphabet Inc, FBI, Thomson Locations: Los Angeles, Russia, Washington, London

☆ U.S. government says several agencies hacked as part of broader cyberattack
▼ + stars: | 2023-06-15 | by ( Kevin Collier | ) www.cnbc.com time to read: +2 min

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022 in Washington, DC. Several U.S. agencies have been hacked as part of a broader cyberattack that has hit dozens of companies and organizations in recent weeks through a previously unknown vulnerability in popular file sharing software. "CISA is providing support to several federal agencies that have experienced intrusions," he said. Charles Carmakal, chief technology officer of Mandiant, a cybersecurity company owned by Google whose clients include government agencies, said that he was aware of some data theft from federal agencies through the MOVEIt hacks. Wendi Whitmore, who leads threat analysis for the cybersecurity company Palo Alto Networks, said that CL0P's campaign of hacking victims through MOVEIt was incredibly widespread.

Persons: Jen, Eric Goldstein, Charles Carmakal, Andrea Mitchell, Brett Callow, Wendi Whitmore, MOVEIt Organizations: Infrastructure Security Agency, Homeland Security, U.S, Google, NBC News, FBI, National Intelligence, National Security Council, Palo Alto Networks Locations: Rayburn, Washington ,, MOVEIt

☆ Clop: Russian-speaking cyber gang claims credit for hack of BBC and British Airways employee data
▼ + stars: | 2023-06-07 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +3 min

CNN —A group of Russian-speaking cyber criminals has claimed credit for a sweeping hack that has compromised employee data at the BBC and British Airways and left US and UK cybersecurity officials scrambling to respond. The compromise of employee data at the BBC and British Airways came via a breach of a human resources firm, Zellis, that both organizations use. Numerous US state government agencies use the MOVEit software, but it’s unclear how many agencies, if any, have been compromised. The US Cybersecurity and Infrastructure Security Agency has ordered all federal civilian agencies to update the MOVEit software in light of the hack. Progress, the US firm that owns the MoveIT software, has also urged victims to update their software packages and has issued security advice.

Persons: ” They’ve, —, CISA, Eric Goldstein, Charles Carmakal, ”, Allan Liska Organizations: CNN, BBC, British Airways, Infrastructure Security Agency, Federal Bureau of Investigation, Progress Software, FBI, Mandiant Consulting, Google, LinkedIn Locations: Canada

☆ Hackers use flaw in popular file transfer tool to steal data, researchers say
▼ + stars: | 2023-06-02 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

SAN FRANCISCO, June 1 (Reuters) - Hackers have stolen data from the systems of a number of users of the popular file transfer tool MOVEit Transfer, U.S. security researchers said on Thursday, one day after the maker of the software disclosed that a security flaw had been discovered. Software maker Progress Software Corp (PRGS.O), after disclosing the vulnerability on Wednesday, said it could lead to potential unauthorized access into users' systems. The managed file transfer software made by the Burlington, Massachusetts-based company allows organizations to transfer files and data between business partners and customers. Such "zero-day," or previously unknown, vulnerabilities in managed file transfer solutions have led to data theft, leaks, extortion and victim-shaming in the past, Mandiant said. Pitt did not have a comment on who might have been trying to steal data by exploiting the flaw.

Persons: Ian Pitt, Charles Carmakal, Mandiant, Carmakal, Rapid7, Pitt, Zeba Siddiqui, Christopher Cushing Organizations: FRANCISCO, Progress Software Corp, Software, Reuters, Rapid7 Inc, Mandiant Consulting, Google, Thomson Locations: Burlington , Massachusetts, San Francisco

☆ North Korean hackers breach software firm in significant cyberattack
▼ + stars: | 2023-04-20 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +4 min

CNN —Suspected North Korean hackers infiltrated a software firm that claims hundreds of thousands of customers around the world in a cyberattack that shows Pyongyang’s advanced hacking capabilities, private investigators said Thursday. But it’s the latest evidence that North Korean hackers are pulling out all the stops to break into organizations to steal or spy on them in support of dictator Kim Jong Un’s strategic interests. A recent CNN investigation found a rampant effort by North Korean hackers to steal cryptocurrency and launder it into hard cash that might help fund the regime’s weapon’s programs. Trading Technologies has not been able to verify Mandiant’s findings yet because the company just became aware of the issue last week, a spokesperson for Trading Technologies told CNN on Thursday. “What we do know with certainty is that 3CX is not a vendor or a customer of Trading Technologies,” the Trading Technologies spokesperson said.

☆ Ransomware Simulation Debrief
▼ + stars: | 2022-12-06 | by ( Eamon Javers | ) www.cnbc.com time to read: 1 min

Share Share Article via Facebook Share Article via Twitter Share Article via LinkedIn Share Article via EmailRansomware Simulation DebriefCol. Sean Hannah joins cybersecurity experts Nicole Eagan and Charles Carmakal on stage to debrief the results of the ransomware simulation and discuss the many layers cyber risk that companies face today. They will recap how the members approached the scenario and the decisions made, as we dig further into how companies and governments can work together to prepare for future attacks. CNBC's Eamon Javers moderates a discussion with Col. Sean Hannah, US Army retired; Charles Carmakal, Mandiant SVP & CTO and CNBC Technology Executive Council member; and Nicole Eagan, Darktrace Chief Strategy Officer, AI Officer and CNBC Technology Executive Council member at the 2022 CNBC CFO Council Summit on November 30, 2022.

Search resuls for: "Charles Carmakal"

12 mentions found