* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, August 8, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Peacock’s Biggest Action Show Streams 2 New Episodes Sooner Than You Think – yahoo.com

    Peacock’s Hottest Action Show Drops 2 New Episodes Sooner Than Expected!

    Themed Entertainment Design – Purdue Polytechnic

    Innovative Themed Entertainment Design: Creating Immersive Experiences

    Rachael Leigh Cook and Brandon Routh ‘Happy to Have Found Each Other’ Following Respective Divorces – yahoo.com

    Rachael Leigh Cook and Brandon Routh ‘Happy to Have Found Each Other’ Following Respective Divorces – yahoo.com

    ‘Billie Jean’ – Hyde Park Herald

    The Enduring Magic Behind ‘Billie Jean’ Revealed

    Hank Hill returns to a changed world in new ‘King of the Hill’ episodes – New Haven Register

    Hank Hill Navigates a Bold New World in Thrilling New ‘King of the Hill’ Episodes

    Exclusive | Fox Takes Stake in IndyCar Owner Penske Entertainment – The Wall Street Journal

    Exclusive | Fox Takes Stake in IndyCar Owner Penske Entertainment – The Wall Street Journal

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MBU showcases student work at Occupational Therapy Technology Fair – WHSV

    Discover the Most Innovative Student Projects at the Occupational Therapy Technology Fair

    BlackSky Technology Inc. (BKSY) Reports Q2 Loss, Lags Revenue Estimates – Yahoo Finance

    BlackSky Technology Inc. Reports Q2 Loss, Misses Revenue Targets

    Improved Technology Access: A Key to Closing the Healthcare Gap for African Americans – BIOENGINEER.ORG

    LMI Expands Technology Org, Appoints New Leaders – GovCon Wire

    LMI Expands Technology Team with Dynamic New Leadership Appointments

    Midland Innovation and Technology Charter School closing down – CBS News

    Midland Innovation and Technology Charter School Closes Permanently

    Future Trends In HR Technology – Dataconomy

    Future Trends In HR Technology – Dataconomy

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Peacock’s Biggest Action Show Streams 2 New Episodes Sooner Than You Think – yahoo.com

    Peacock’s Hottest Action Show Drops 2 New Episodes Sooner Than Expected!

    Themed Entertainment Design – Purdue Polytechnic

    Innovative Themed Entertainment Design: Creating Immersive Experiences

    Rachael Leigh Cook and Brandon Routh ‘Happy to Have Found Each Other’ Following Respective Divorces – yahoo.com

    Rachael Leigh Cook and Brandon Routh ‘Happy to Have Found Each Other’ Following Respective Divorces – yahoo.com

    ‘Billie Jean’ – Hyde Park Herald

    The Enduring Magic Behind ‘Billie Jean’ Revealed

    Hank Hill returns to a changed world in new ‘King of the Hill’ episodes – New Haven Register

    Hank Hill Navigates a Bold New World in Thrilling New ‘King of the Hill’ Episodes

    Exclusive | Fox Takes Stake in IndyCar Owner Penske Entertainment – The Wall Street Journal

    Exclusive | Fox Takes Stake in IndyCar Owner Penske Entertainment – The Wall Street Journal

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MBU showcases student work at Occupational Therapy Technology Fair – WHSV

    Discover the Most Innovative Student Projects at the Occupational Therapy Technology Fair

    BlackSky Technology Inc. (BKSY) Reports Q2 Loss, Lags Revenue Estimates – Yahoo Finance

    BlackSky Technology Inc. Reports Q2 Loss, Misses Revenue Targets

    Improved Technology Access: A Key to Closing the Healthcare Gap for African Americans – BIOENGINEER.ORG

    LMI Expands Technology Org, Appoints New Leaders – GovCon Wire

    LMI Expands Technology Team with Dynamic New Leadership Appointments

    Midland Innovation and Technology Charter School closing down – CBS News

    Midland Innovation and Technology Charter School Closes Permanently

    Future Trends In HR Technology – Dataconomy

    Future Trends In HR Technology – Dataconomy

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Las Vegas mainstay Caesars Palace likely paid off ransomware crew

September 17, 2023
in Technology
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Share on FacebookShare on Twitter

Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers

Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 15 Sep 2023 12:35

Caesars Entertainment, operator of the venerable Las Vegas casino Caesars Palace, has revealed that it paid a significant sum of money to its attackers following a recent ransomware attack, which was possibly the work of the same threat actor that breached competitor MGM Resorts using the ALPHV/BlackCat ransomware.

In a filing made to the US Securities and Exchange Commission (SEC), Caesars Entertainment said it initially became aware of the incident after identifying suspicious activity on its network. The subsequent investigation, which concluded on 7 September, found that the organisation was breached via a social engineering attack on an outsourced IT support supplier.

Its customer-facing operations, hotels, and online and mobile gaming services were not affected, however, Caesars Entertainment found that its attacker was able to purloin a copy of its loyalty programme database, including driver’s licence and social security numbers of thousands of guests and gamblers, although there is currently no evidence that any financial data was stolen. It is in the process of notifying victims.

Caesars Entertainment went on to make a statement that strongly implies it negotiated and paid at least part of the ransom demanded by its attacker.

It said: “We have taken steps to ensure that the stolen data is deleted by the unauthorised actor, although we cannot guarantee this result. We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused.”

According to reports, the ransom paid may have been as much as $15m, negotiated down from $30m, although this is unconfirmed.

Nevertheless, the apparent admission of ransom payment, which runs contrary to all accepted best practice, may store trouble for the entertainment giant, given strict regulatory policies implemented by the US government’s Office of Foreign Assets Control (OFAC) three years ago, which made making or facilitating ransomware payments a potential sanctions risk under US law.

High-rolling threat actor

Caesars Entertainment did not disclose any details of the group that extorted it, but given the near-simultaneous incident affecting its neighbours at MGM Resorts – and the fact that both incidents appear to have begun via social engineering – the attack is being widely linked to a threat actor tracked by Google Cloud’s Mandiant as UNC3944, using the ALPHV/BlackCat locker.

Also known as 0ktapus, Scattered Spider and Scatter Swine, UNC3944 made a name for itself in 2022 via an audacious series of social engineering attacks exploiting the trust that customers of identity and access management (IAM) specialist Okta placed in the brand.

Note that there is no firm evidence that implicates Okta in the incidents at either MGM Resorts or Caesars Entertainment, although a new wave of social engineering attacks against its customers was reported earlier this month and an as-yet unsubstantiated claim has been made in this regard by those claiming to be behind the MGM attack. Computer Weekly has contacted Okta for comment.

The high-rolling UNC3944 gang got its start conducting phone-based social engineering and SMS phishing (smishing) attacks, but according to Mandiant’s latest intelligence, it pivoted to deploying ransomware in summer 2023, and in the process expanded its targeting beyond the tech industry to include firms in the entertainment, hospitality, media and retail sectors.

It has also become more tightly focused on stealing sensitive data for extortion purposes, and in a change to the scheduled programme, may not actually be based in Russia – it demonstrates a competent understanding of Western business practices and many members are likely native English speakers.

Mandiant said the group works to “an extremely high operational tempo”, accessing critical systems and stealing large volumes of data very fast. This factor may be designed to “overwhelm” security response teams.

After gaining initial access via social engineering, UNC3944 enlists commercial residential proxy services to access their victims from the same geographical area, an attempt to fool monitoring tools looking out for suspicious traffic from elsewhere, and legitimate software including remote access tools.

Its operatives also dedicate significant resource to rooting out information that may help them escalate their privileges and maintain persistence, often targeting password management tools and privileged access management (PAM) systems to do so.

It has been frequently observed creating unmanaged virtual machines (VMs) in victim environments to launch attacks – in some cases these VMs are created inside victims’ cloud environments and are internet-accessible.

“We anticipate that intrusions related to UNC3944 will continue to involve diverse tools, techniques and monetisation tactics as the actors identify new partners and switch between different communities”

Mandiant researchers

When it’s time to deploy a ransomware locker, UNC3944 likes to target business-critical VMs and other systems to cause as much pain as possible, and ramps up the pressure by leaving threatening notes on compromised systems, bombarding executives with text messages and emails, and infiltrating internal comms channels used for incident response.

“UNC3944 is an evolving threat that has continued to broaden its skills and tactics in order to successfully diversify its monetisation strategies,” said Mandiant’s researchers.

“We expect that these threat actors will continue to improve their tradecraft over time and may leverage underground communities for support to increase the efficacy of their operations.

“UNC3944’s initial successes likely emboldened it to expand its TTPs to more disruptive and profitable attacks, including ransomware and extortion. It is plausible that these threat actors may use other ransomware brands and/or incorporate additional monetisation strategies to maximise their profits in the future.

“We anticipate that intrusions related to UNC3944 will continue to involve diverse tools, techniques and monetisation tactics as the actors identify new partners and switch between different communities,” they added.

Read more on Data breach incident management and recovery


Caesars Entertainment breached in social engineering attack

AlexanderCulafi

By: Alexander Culafi


BlackCat on the hook for cyber attack that crippled Vegas casinos

AlexScroxton

By: Alex Scroxton


US casino giant MGM Resorts battles 36-hour outage after cyber attack

AlexScroxton

By: Alex Scroxton


Okta: 4 customers compromised in social engineering attacks

ArielleWaldman

By: Arielle Waldman

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366552124/Las-Vegas-mainstay-Ceasars-Palace-likely-paid-off-ransomware-crew

Tags: mainstaytechnologyVegas
Previous Post

Number of UK contactless payments rose by 30% last year

Next Post

Chatham Rock Phosphate posts Korella North NI 43-101 resource estimate, Australia

Netflix Scores Canadian Rights To FIFA Women’s World Cup For Next Two Tournaments – Deadline

Netflix Scores Canadian Rights To FIFA Women’s World Cup For Next Two Tournaments – Deadline

August 8, 2025
Professor Emeritus Peter Temin, influential and prolific economic historian, dies at 87 – MIT News

Renowned Economic Historian Professor Peter Temin Passes Away at 87

August 8, 2025
Peacock’s Biggest Action Show Streams 2 New Episodes Sooner Than You Think – yahoo.com

Peacock’s Hottest Action Show Drops 2 New Episodes Sooner Than Expected!

August 8, 2025
Nebraska doctors struggling with mental health issues had nowhere to go, until now – KSNB

Nebraska doctors struggling with mental health issues had nowhere to go, until now – KSNB

August 8, 2025
White House readies order to fine banks for dropping clients over politics, WSJ reports – Reuters

White House readies order to fine banks for dropping clients over politics, WSJ reports – Reuters

August 8, 2025
Icing‐related injuries in polar bears (Ursus maritimus) at high latitudes – Laidre – 2024 – Ecology – ESA Journals

Frozen Peril: The Devastating Impact of Icing Injuries on Polar Bears in the High Arctic

August 8, 2025
Carnegie Science Center launching new name in September – CBS News

Carnegie Science Center Unveils Exciting New Name This September

August 8, 2025
Petersburg youth explore Coho Creek for science education – Petersburg Pilot

Petersburg Youth Dive into Science with Hands-On Exploration of Coho Creek

August 8, 2025
Is there a path to healthier aging? What the latest research shows | Bodyworks – The Oklahoman

Is there a path to healthier aging? What the latest research shows | Bodyworks – The Oklahoman

August 8, 2025
MBU showcases student work at Occupational Therapy Technology Fair – WHSV

Discover the Most Innovative Student Projects at the Occupational Therapy Technology Fair

August 8, 2025

Categories

Archives

August 2025
MTWTFSS
 123
45678910
11121314151617
18192021222324
25262728293031
« Jul    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (760)
  • Economy (783)
  • Entertainment (21,660)
  • General (16,352)
  • Health (9,823)
  • Lifestyle (793)
  • News (22,149)
  • People (784)
  • Politics (793)
  • Science (15,996)
  • Sports (21,280)
  • Technology (15,763)
  • World (766)

Recent News

Netflix Scores Canadian Rights To FIFA Women’s World Cup For Next Two Tournaments – Deadline

Netflix Scores Canadian Rights To FIFA Women’s World Cup For Next Two Tournaments – Deadline

August 8, 2025
Professor Emeritus Peter Temin, influential and prolific economic historian, dies at 87 – MIT News

Renowned Economic Historian Professor Peter Temin Passes Away at 87

August 8, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version