Weekly News Roundup September 11-15, 2023

Posted on by Kacy Zurkus

What happens in Vegas might not always stay in Vegas, especially when it comes to cyberattacks! Luck certainly wasn’t a lady at MGM Resorts this week. On Monday, downed MGM sites provoked whispers of a potential attack, but when MGM Resorts tweeted about launching an investigation with leading external cybersecurity experts, it wasn’t long before the “cybersecurity issue” made The New York Times.


According to Security Week, the hacking group dubbed Scattered Spider have hit Las Vegas like high rollers on a hot streak. The group not only claimed responsibility for the MGM hack, but researchers at Mandiant said Scattered Spiders, “has targeted at least 100 organizations, mostly in the United States and Canada…[and] typically engages in SMS phishing campaigns (smishing) but has been broadening its skills and arsenal of tools and is expected to start targeting more industries.


MGM hasn’t been the only resort dealt a losing hand this month. As its investigation gets underway, Ceasars Entertainment has confirmed that a social engineering attack detected on September 7, 2023 gave malicious actors access to customer PII including driver’s licenses and social security numbers. 


I feel the makings of a security awareness video are at play with Lady Gaga’s Poker Face as the theme song, but I’ll leave that to the more creatives to work on. To learn more about social engineering, explore the content available in our Library.


Now let’s look at what else made industry headlines this week.


Sep. 15: The IT systems of water companies along the US-Canada border have reportedly been the target of NoEscape, a ransomware group threatening to leak stolen data.

Sep. 15: Politico reported, “A recent Chinese-linked hack of U.S. government emails detected in June may have gone unnoticed for much longer were it not for an enterprising government IT analyst.

Sep. 14: The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about Akira ransomware group, which has claimed more than 60 victims across multiple sectors, including healthcare, finance, real estate, and manufacturing,” Health IT Security reported.

Sep. 14: Several journalists who work for Russian news outlets have allegedly had their cellphones infected with Pegasus surveillance spyware.

Sep. 13: A cybercriminal known as USDoD leaked sensitive data of more than 3,000 Airbus employees, which they reportedly accessed by using stolen credentials from a downline vendor. 

Sep. 12: According to news from NextGov, “Nine national labs will split $39 million in new federal investment, with projects leveraging cloud-based software and AI systems in cybersecurity for U.S. utility companies.

Sep. 12: Joint government agencies released a Cybersecurity Information Sheet to help organizations understand the threat of synthetic media, including deepfakes.

Sep. 11: “Cybersecurity firm ESET has detected a significant supply chain attack targeting macOS devices. The Lazarus Group, known for its advanced cyber operations, was reportedly behind this breach,” Infosecurity Magazine reported.

Kacy Zurkus

Senior Content Manager, RSA Conference

RSAC Insights

ransomware social engineering data security data loss prevention cyberattacks business continuity & disaster recovery Cyber-Physical Systems Disinformation Campaigns / Fake News PII security awareness

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs