Google-owned Mandiant reports that the hacking group responsible for the MGM Resorts attack, known as UNC3944, is diversifying its targets and monetization strategies from SMS phishing (smishing) to ransomware deployment. The group, active since late 2021, typically uses smishing to obtain legitimate employee credentials. Mandiant projects the group will continue broadening its skills and may further develop monetization schemes.
Cyber agencies reveal top 15 routinely exploited vulnerabilities
Five countries’ cybersecurity agencies collaborated on a advisory for Common Vulnerabilities and Exposures (CVEs) frequently exploited in 2023.
