CSTI
    ransomwareThe Ransomware Era (2020-Present) Daily Briefing Landmark Event

    Cybersecurity Briefing: MGM, Caesars Attacked; Critical CVEs Exploited

    Thursday, September 7, 2023

    # Lead Story: MGM and Caesars Under Siege

    On September 7, 2023, major cyberattacks targeted MGM Resorts and Caesars Entertainment, resulting in significant operational disruptions. MGM experienced a widespread shutdown of its computer systems, highlighting the vulnerability of critical infrastructure in the hospitality sector. Meanwhile, Caesars reportedly paid a substantial ransom of $15 million to regain access to their data after being compromised by the ALPHV and Scattered Spider groups. These incidents serve as stark reminders of the increasing audacity and sophistication of cybercriminals, particularly in high-profile industries.

    # Secondary Items

    Akira Ransomware Exploits Cisco Vulnerabilities

    The Akira ransomware group has been exploiting vulnerabilities in Cisco ASA and FTD products, reflecting a concerning trend in the sophistication of cyber threats. Additionally, a critical privilege escalation vulnerability (CVE-2023-29357) in Microsoft SharePoint has been reported, enabling attackers to impersonate administrative users. Immediate patching is essential to mitigate potential exploitation.

    Save the Children Data Breach

    A ransomware attack attributed to the BianLian group has targeted the Save the Children organization, with claims of stolen sensitive financial and personal records. This incident is part of a troubling trend as NGOs and educational institutions increasingly become victims of cyberattacks, emphasizing the need for robust cybersecurity practices across all sectors.

    # Analyst Perspective The events of September 7, 2023, illustrate a rapidly evolving threat landscape, with high-profile ransomware attacks and critical vulnerabilities coming to the forefront. Organizations in all sectors must prioritize their cybersecurity posture, employing advanced threat detection and incident response strategies to combat these escalating risks. The involvement of sophisticated threat actors like ALPHV, Scattered Spider, and BianLian underscores the need for continuous vigilance and adaptation in cybersecurity practices.

    Sources

    MGM Caesars Akira BianLian CVE-2023-29357