Hotel and casino giant MGM Resorts has recently disclosed that it suffered a devastating hack attack, leading to significant financial losses and a data breach. The company estimates that the attack cost $110 million in lost revenue and mitigation expenses. This article delves into the details of the breach, explores the potential methods used by attackers, discusses the possibility of
A Gaza-based threat actor has been implicated in a series of cyber attacks targeting private-sector energy, defense, and telecommunications organizations in Israel. Microsoft recently revealed details about this malicious campaign, which it has been tracking under the name Storm-1133. The attacks have targeted not only Israeli sectors but also entities loyal to Fatah, a Palestinian nationalist political party based in
Ethereum’s recent surge in ether (ETH) staking, spurred by the Merge and Shanghai upgrades, has raised concerns surrounding centralization and reduced overall staking yields, according to a Thursday report by JPMorgan. Despite decentralized alternatives like Lido’s liquid staking platform, Ethereum’s increasing centralization poses risks to the network’s security and decentralized ethos. The rise of centralization in Ethereum Ethereum, a prominent
Hong Kong is currently deliberating measures to restrict retail stablecoin trading as a proactive response to the surging adoption of cryptocurrencies. With digital currencies gaining popularity, the city recognizes the need for comprehensive regulations to ensure investor protection and foster market stability. Currently, retail stablecoin trading is not authorized in Hong Kong, compelling a closer examination of potential restrictions and
The United States Cybersecurity and Infrastructure Security Agency (CISA) recently stirred controversy by removing several product flaws from Owl Labs from its Known Exploited Vulnerabilities (KEV) Catalog, prompting criticism and questioning from the security community. Among these flaws were vulnerabilities discovered last year by researchers at Swiss cybersecurity firm Modzero, which exposed inadequate encryption, hardcoded credentials, missing authentication, and improper
Breach Insurance, a Boston-based global insurance underwriter, has made an exciting announcement with the launch of its latest offering: Crypto Shield Pro. This innovative crypto custody insurance policy is specifically designed for institutional clients of crypto custody solutions. In a world where the security of digital assets is of paramount importance, this product aims to provide comprehensive coverage and protection
In today’s application security landscape, AppSec teams face significant challenges. The traditional AppSec solutions have struggled to adapt adequately to the cloud-native development environment, hindering their effectiveness. This article delves into the pressing issues faced by AppSec teams and explores the need for a modern approach to application security. Inadequacy of Existing AppSec Solutions in the Cloud-Native Development Environment As
The emergence of backdoored firmware on tens of thousands of Android devices has raised serious concerns among security experts. Human Security recently uncovered a sophisticated threat actor who employed supply chain compromise to infect the firmware of over 70,000 Android smartphones, CTV boxes, and tablet devices. Shockingly, these compromised products have been discovered on public school networks across the United
In today’s fast-paced and interconnected world, organizations are constantly seeking ways to accelerate software development and deployment. DevOps, a collaborative approach that combines development and operations teams, has become a popular solution. However, in the pursuit of speed and efficiency, security is often overlooked, leading to vulnerabilities and breaches. This article will delve into the importance of integrating security into
In a significant operation led by the FBI in late August, the infrastructure of the notorious Qakbot threat gang was dismantled. However, recent findings indicate that the group’s affiliates are still actively distributing ransomware through phishing campaigns, suggesting that the takedown may not have fully eradicated the threat. Campaign Conducted by Qakbot Affiliates Talos threat researchers have uncovered evidence pointing
Amazon Web Services (AWS), one of the leading cloud service providers globally, recently announced its decision to make multi-factor authentication (MFA) mandatory for all privileged accounts starting in mid-2024. This move comes as part of AWS’s ongoing efforts to enhance cybersecurity measures and protect user accounts from unauthorized access. By implementing MFA, AWS aims to strengthen the authentication process and
In a strategic move aimed at strengthening its foothold in Europe, leading cryptocurrency exchange Kraken has announced its intention to acquire Coin Meester B.V. (BCM), a prominent digital asset broker based in the Netherlands. The decision comes on the heels of the recent implementation of the European Union’s Markets in Crypto-Assets (MiCA) regulatory framework, which governs the operations of crypto
