Tag Archive for: paid

One paid out, one did not • The Register


Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.

But despite the similar characters and plots, these two stories have disparate endings — and seem to suggest two very different takeaways to corporations confronted with extortionists’ demands and the question of paying or not paying a ransom.

The first, Caesars Entertainment, which owns more than 50 resorts and casinos in Las Vegas and 18 other US states, disclosed the intrusion in an 8-K form submitted to the SEC on September 7.

In its report to the financial watchdog, Caesars cited a “social engineering attack on an outsourced IT support vendor,” which we now know was Okta, and said the crooks stole its customer loyalty program database, which contained a ton of personal information.

The casino owner also noted, in the filing, that it had “taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”

These steps are widely assumed to include paying a ransom — which was reportedly negotiated down to $15 million after an initial demand for $30 million.

Caesars did not respond to The Register’s inquiries for this or previous stories about the ransomware infection.

What happens in Vegas…

From the outside, at least, it appears that Caesars suffered minimal pain and business disruption primarily because it decided to pay the ransom. Meanwhile, as Caesars’ breach became public, its neighboring resort and casino on the Vegas Strip entered its fourth day of inoperable IT systems and casinos following a “cybersecurity issue.”

That other company, of course, is MGM Resorts, which owns 31 hotel and casino locations globally. Like Caesars, MGM was also an Okta customer that fell victim to phishing attempts targeting its IT service teams.

Scattered Spider, the crime gang believed to be responsible for both intrusions, reportedly bragged that all it took to break into MGM’s networks was a 10-minute call with the help desk.

But unlike Caesars, MGM did not pay the ransom. MGM Resorts CEO Bill…


Top 12 Online Cybersecurity Courses for 2024 (Free and Paid)


With so much online courseware on cybersecurity today, it can be a daunting task to narrow the top choices. To create this list of cybersecurity courses online, we talked to leading security professionals about what they recommend to newbies, computer science students, businesspeople and security pros looking to advance their careers.

When it comes to free cybersecurity courses online, keep in mind there’s no free lunch. Many free courses make students pay for a certificate on the back end, and online groups sometimes offer short seven-day or 30-day trials followed by a monthly subscription charge. Federal agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), are great sources of free security information. And those new to the field should check out the National Cyber Security Alliance (NCSA).

For paid courses, we started with some of the favorites among hackers and security researchers and refer readers to MIT cyber training courses, as well as online courses at the University of Maryland Global Campus (UMGC), Western Governors University (WGU) and Cybrary. As a bonus, we also linked to the NSA’s Centers of Academic Excellence (CAE) courses. While not exclusively online, people seriously pursuing careers in security need to be aware of these courses and the fact that many programs offer online options in the wake of COVID-19.

Best of the free cybersecurity courses online

1. TryHackMe

TryHackMe features content for people new to cybersecurity and covers a broad range of topics, including training for offensive and defensive security. TryHackMe also has Capture the Flag exercises with walk-through write-ups by contributing users that let members see how to approach and solve problems. Four levels are available:

  1. Complete Beginners. For those with no computing knowledge and who are unsure of where to start.
  2. Early Intermediates. For those who have basic computing knowledge and have used Linux.
  3. Intermediates. For those who know how computers work and have basic security experience.
  4. Advanced. For those who work in cybersecurity and penetration testing.

TryHackMe also has…


Tesla Hackers Find ‘Unpatchable’ Jailbreak to Unlock Paid Features for Free


A security researcher along with three PhD students from Germany have reportedly found a way to exploit Tesla’s current AMD-based cars to develop what could be the world’s first persistent “Tesla Jailbreak.”

The team published a briefing ahead of their presentation at next week’s Black Hat 2023. There, they will present a working version of an attack against Tesla’s latest AMD-based media control unit (MCU). According to the researchers, the jailbreak uses an already-known hardware exploit against a component in the MCU, which ultimately enables access to critical systems that control in-car purchases—and perhaps even tricks the car into thinking these purchases are already paid for.

“Tesla has been known for their advanced and well-integrated car computers, from serving mundane entertainment purposes to fully autonomous driving capabilities,” wrote the researchers in the briefing. “More recently, Tesla has started using this well-established platform to enable in-car purchases, not only for additional connectivity features but even for analog features like faster acceleration or rear heated seats. As a result, hacking the embedded car computer could allow users to unlock these features without paying.”

Separately, the attack will allow researchers to extract a vehicle-specific cryptography key that is used to authenticate and authorize a vehicle within Tesla’s service network.

According to the researchers, the attack is unpatchable on current cars, meaning that no matter what software updates are pushed out by Tesla, attackers—or perhaps even DIY hackers in the future—can run arbitrary code on Tesla vehicles as long as they have physical access to the car. Specifically, the attack is unpatchable because it’s not an attack directly on a Tesla-made component, but rather against the embedded AMD Secure Processor (ASP) which lives inside of the MCU.

The specifics of this attack are unclear, at least until next week’s talk, but researchers say that they use “low-cost, off-the-shelf hardware” to accomplish it. This attack is complicated, but using a previous presentation at Black Hat 2022 given in part by Niklas Jacob…


Ransomware demands increasingly paid amid growing attack severity – SC Media


