Replier attacks: the latest tool in a hacker’s arsenal.
This week, Jeremy Fuchs from Avanan joins Dave to discuss how hackers are using replier attacks. Replier attacks are attacks in which hackers change the reply-to address to send emails from what appears to be a reputable company, when in reality it’s a spoofed account. Joe and Dave share some follow up from listeners Wayne who writes in with some comments on episode 245, and listener Michael, who writes about his first ChatGPT experience. Dave’s story follows the alarming new trend happening, where sextortionists are making AI nudes from people’s social media images. Joe’s story uncovers the social engineering trick hackers use from their personal scammers handbook. Our catch of the day comes from listener Tim, who shares a message from a “dear friend.” Read More
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
China’s Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei’s servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries.
In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Caesars Entertainment Hacked: Over 6TB of Data Stolen
Caesars Entertainment Inc. has reportedly paid a substantial sum to hackers who infiltrated the company’s systems and threatened to release sensitive data.
This breach follows closely on the heels of another cyberattack on MGM Resorts International.
Caesars Entertainment has not officially commented on the situation, but after Bloomberg News initially reported the cyberattack, the company disclosed it in a regulatory filing.
This revelation had a minimal impact on the company’s stock, with shares remaining relatively unchanged.
Attend the Live DDoS Website & API Attack Simulation webinar to gain knowledge on various types of attacks and how to prevent them.
In Caesars’ case, the hackers first breached an external IT vendor before infiltrating the company’s network.
The timeline of the attack indicates that Caesars was targeted as early as August 27. Notably, members of this hacking group are believed to be relatively young, with some individuals as young as 19 years old, residing in the US and the UK.
The attackers managed to steal sensitive data from Caesars’ loyalty program members, including driver’s licenses and social security numbers, as confirmed by the company in their regulatory filing.
Typically, hacking groups demand cryptocurrency as ransom in exchange for stolen data.
Some employ ransomware tactics to lock up computer files, offering decryption keys only upon payment.
In recent cases, hackers have chosen to steal data and demand payment, threatening to publish the information if their demands are unmet.
Caesars has stated that they’ve taken measures to ensure unauthorized actors delete the stolen data, though they cannot guarantee this outcome.