all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

High-Stakes Identity Impersonation: Lessons From the MGM Attack

Add to bookmarks
Oct. 11, 2023, 5:34 p.m. | Michael Rothschild, VP of Product Marketing, HYPR

Security Boulevard securityboulevard.com




MGM Resorts recently found itself in the midst of a major cybersecurity incident that not only crippled its operations but also exposed sensitive customer data. The sophisticated attack orchestrated by a group known as Scattered Spider employed social engineering to the IT department to reset credentials. The attackers then gained access to the SSO, raised their identity credentials to super user level and then systematically got into other systems.


The post High-Stakes Identity Impersonation: Lessons From the MGM Attack appeared …

access attack attackers authentication credentials customer customer data cybersecurity cybersecurity incident data department engineering exposed found high identity identity & access impersonation incident major mgm mgm attack mgm resorts operations passwordless reset scattered spider security bulletin sensitive social social engineering spider

Visit resource

More from securityboulevard.com / Security Boulevard

Google Continues Mixing Generative AI into Cybersecurity an hour ago | securityboulevard.com
ai model cloud cloud security cloud service +37
HYPR and Microsoft Partner on Entra ID External Authentication Methods 3 hours ago | securityboulevard.com
authentication authentication methods can eam +17
2024 OWASP Mobile Top Ten Risks 4 hours ago | securityboulevard.com
api security api security - analysis application application security +19
Google Makes Implementing 2FA Simpler 4 hours ago | securityboulevard.com
2fa 2fa authenticator 2 factor authentication 2-step verification +29
RSAC 2024: IoT Security Questions (and Answers) 4 hours ago | securityboulevard.com
analysts blog breaches compliance +21
Danile Stori’s ‘Vulnerable Code’ 5 hours ago | securityboulevard.com
code daniel daniel stori humor +6
Balancing AI Workloads and Energy Demands with DCIM Software 5 hours ago | securityboulevard.com
applications article artificial artificial intelligence +21
Introducing Aembit Access Management for CI/CD Platforms 6 hours ago | securityboulevard.com
access access management actions aembit +17
Guts & Greed: How Bug Hunter Arrogance and Apathy Hurts Us All 6 hours ago | securityboulevard.com
amp apathy api hacking mindset application +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Engineer - DLP Endpoint Security

@ Netskope | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Consultant (m/w/d)

@ Deutsche Telekom | Berlin, Deutschland
View on infosec-jobs.com

Security Engineer

@ IDEMIA | Haarlem, NL, 2031 CC
View on infosec-jobs.com

CyberSecurity Forensics and Incident Response Analyst

@ Bosch Group | Pittsburgh, PA, United States
View on infosec-jobs.com

Cyber MS MDR - Sr Associate

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Lead Cybersecurity Architect-Threat modeling, Cryptography

@ JPMorgan Chase & Co. | India
View on infosec-jobs.com
View more jobs