InfoSec News Nuggets 4/18/2024

MGM says FTC can't possibly probe its ransomware downfall MGM Resorts wants the FTC to halt a probe into last year's ransomware infection at the mega casino chain – because the watchdog's boss Lina Khan was a guest at one of its hotels during the cyberattack, apparently. The biz on Monday sued [PDF] the US regulator and its chair, noting the computer network intrusion in September 2023 "cost MGM dearly." That legal complaint, filed in…
Read More

InfoSec News Nuggets 09/14/2023

This dangerous new Mac malware steals your credit card info People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more. The discovery was made by security firm SentinelOne, which named the…
Read More

InfoSec News Nuggets 09/13/2023

'Anonymous Sudan' Sets Its Sights on Telegram in DDoS Attack  After Telegram — the free, encrypted, cloud-based messaging service — initiated a suspension of hacker group Anonymous Sudan's primary account, the group has launched distributed denial-of-service (DDoS) attacks against the platform. The group has been active since the start of 2023 but rose to prominence after launching DDoS attacks against Microsoft 365, affecting Microsoft Azure, Outlook, and Teams, among others. In the past, the group has also targeted…
Read More

InfoSec News Nuggets 09/12/2023

Sri Lankan government loses months of data following ransomware attack  Sri Lanka’s government email network was hit by a ransomware attack that wiped months of data from thousands of email accounts, including ones belonging to top government officials, authorities confirmed on Monday. The attack, which started at the end of August, affected nearly 5,000 email addresses using the gov.lk email domain. The victims include Sri Lanka’s council of ministers which forms the central government of the country. The targeted…
Read More

InfoSec News Nuggets 2/24/2020

1 - Safari to snub new security certs valid for more than 13 months Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date. That means websites using long-life SSL/TLS certs issued after the cut-off point will throw up privacy errors in Apple's browser. The policy was unveiled by the iGiant at a Certification Authority Browser Forum (CA/Browser) meeting on Wednesday. Specifically, according to…
Read More

InfoSec News Nuggets 2/21/2020

1 - MGM hack exposes personal data of 10.6 million guests The personal information of 10.6 million guests who stayed at MGM Resorts hotels was hacked last summer. The hack was first reported by ZDNet on Wednesday, which said the stolen information was posted to a hacking forum this week. MGM confirmed the attack took place to the BBC. The data exposed included names, address, and passport numbers for former guests. MGM said it was…
Read More