Amid MGM, Caesars Incidents, Attackers Focus on Luxury Hotels

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware. [TechWeb]( Follow Dark Reading: [RSS]( September 27, 2023 LATEST SECURITY NEWS & COMMENTARY [Amid MGM, Caesars Incidents, Attackers Focus on Luxury Hotels]( A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware. [Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains]( Ransomware-as-a-service affiliate ShadowSyndicate is unusual for the size of its malicious infrastructure and the fact that it's distributing seven different ransomware strains. [Suspicious New Ransomware Group Claims Sony Hack]( A deceitful threat actor claims its biggest haul yet. But what, if any, Sony data does it actually have? [Proactive Security: What It Means for Enterprise Security Strategy]( Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings. [4 Pillars for Building a Responsible Cybersecurity Disclosure Program]( Responsible disclosure must strike a balance between the immediate need to protect users and the broader security implications for the entire community. [Chad Taps Huawei for Digital Modernization Project]( Fiber optic networks and better connectivity for Chad's users are part of the ICT modernization project with the Chinese networking giant. [(Sponsored Article) How to Interpret the 2023 MITRE ATT&CK Evaluation Results]( Unpack MITRE's methodology, understand the results, and learn top takeaways from Cynet's evaluation of MITRE's annual security vendor tests. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Akira Ransomware Mutates to Target Linux Systems]( The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach. [Xenomorph Android Malware Targets Customers of 30 US Banks]( The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago. [Changing Role of the CISO: A Holistic Approach Drives the Future]( The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology. [The Hot Seat: CISO Accountability in a New Era of SEC Regulation]( Updated cybersecurity regulations herald a new era of transparency and accountability in the face of escalating industry vulnerabilities. [MORE]( EDITORS' CHOICE [MOVEit Flaw Leads to 900 University Data Breaches]( National Student Clearinghouse, a nonprofit serving thousands of universities with enrollment services, exposes more than 900 schools within its MOVEit environment. LATEST FROM THE EDGE [Do CISOs Have to Report Security Flaws to the SEC?]( The new SEC rules make it seem that there is no need to report the presence of security vulnerabilities, but that doesn't quite tell the full story. LATEST FROM DR TECHNOLOGY [HD Moore's Discovery Journey]( Metasploit creator's shift into enterprise asset discovery and passive scanning with startup runZero is a natural evolution of his exploratory cyber career. LATEST FROM DR GLOBAL [UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack]( The cyberattackers are using the "Deadglyph" custom spyware, whose full capabilities have not yet been uncovered. WEBINARS - [Using AI in Application Security Tooling]( As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ... - [Tips for A Streamlined Transition to Zero Trust]( From identifying the potential attack surface to determining policy, there is a clear path to zero trust and best practices to make the transition as smooth as possible - both for your organization and your customers. Zero trust is more ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Crucial Considerations when Enabling Secure Industrial Digital Transformation]( - [Causes and Consequences of IT and OT Convergence]( - [Evaluating SASE for the Work-From-Anywhere Era]( - [Work From Anywhere Doesn't Have to Be Complicated]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [Rediscovering Your Identity]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Catalyte Leverages Google Career Certificates to Expand Cybersecurity Apprenticeship Opportunities]( [Maine Department of Labor to Announce the Launch of University of Maine at Augusta Cybersecurity and IT Registered Apprenticeship Program]( [Delinea Secret Server Introduces MFA Enforcement at Depth to Meet Cyber Insurance Requirements]( [Cyemptive Technologies Expands Operations in the Middle East and the Americas]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [What Ransomware Groups Look for in Enterprise Victims]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118409&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.27.23&sp_cid=49942&utm_content=DR_NL_Dark%20Reading%20Daily_09.27.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#57 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)