The financially driven hacker group responsible for the MGM Resorts attack, tracked under various aliases including UNC3944, has expanded its targets and monetization methods, according to Google-owned Mandiant. Since 2021, the group has targeted 100 organisations, predominantly in the US and Canada, primarily using SMS phishing campaigns. Mandiant observed the group shifted to lucrative ransomware tactics in 2023, typically exploiting employee credentials through phishing strategies and even calling help desks impersonating staff. The group has shown innovative targeting of victims’ cloud resources, which concerningly allows them to infiltrate sensitive systems.
Malware exploits Avast driver vulnerability to terminate security processes
An outdated, vulnerable driver from Avast is being exploited in a sophisticated cyberattack aimed at disabling security measures on targeted systems, according to cybersecurity firm
