Fiona Simmons reports: A tribal casino hotel in Minnesota has become the latest victim of cybercrime targeting the gambling sector. Because of that, the property was forced to temporarily shut down many of its systems until the problem was resolved. The Junction Casino Hotel, a property in the Lower Sioux Indian Community, just suffered a cybersecurity breach. As…
Category: Malware
National Defense Corporation victim of ransomware attack; discloses breach and declines to pay any ransom.
According to National Defense Corporation (NDC), AMTEC is a manufacturer of lethal and non-lethal ammunition, explosives, and cartridges for military and law enforcement use. They write, “Globally, AMTEC is the largest volume producer of 40mm Grenade Ammunition and Fuzing. Their capabilities include precision assembly, explosive load, assemble and pack, metal forming and plating, and primary…
How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack
Joseph Cox of 404 Media in collaboration with Court Watch writes: The FBI managed to track down and freeze millions of dollars of cryptocurrency Caesars Entertainment sent to a group of hackers that held the casino’s computer systems ransom, according to a 404 Media and Court Watch review of a recently unsealed court document. According…
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it
Iain Thomson reports: A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!) The video features gloomy music plus narration and text in Russian that claims – which screenshots of what looks like compromised internal WOW! systems –…
Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure
As seen on Resecurity’s blog, and where they are entitled to take a victory lap: Dubbed “BlackLock” (aka “El Dorado” or “Eldorado”), the ransomware-as-a-service (RaaS) outfit has existed since March 2024. In Q4 of last year, it increased its number of data leak posts by a staggering 1,425% quarter-on-quarter. According to independent reporting, a relatively new group has rapidly accelerated…
Shifting the sands of RansomHub’s EDRKillShifter
Jakub Souček and Jan Holman report: The RansomHub ransomware-as-a-service (RaaS) operation affiliates were linked to established gangs Medusa, BianLian, and Play, which share the use of RansomHub’s custom-developed EDRKillShifter. ESET researchers take a look back at the significant changes in the ransomware ecosystem in 2024 and focus on the newly emerged and currently dominating ransomware-as-a-service…