The MGM Resorts incident is now believed to be ransomware, and how does that inform our view of Materiality of a cyber incident? MetaStealer targets businesses. Cloud access with stolen credentials. The cloud as an expansive attack surface. Johannes Ullrich from SANS describes malware in dot-inf files. In our Industry Voices segment Dave speaks with Oliver Tavakoli, CTO at Vectra, on the complexity and challenges of cloud service security. And welcome back, or not, Your Highness the Large Language Model, Prince of Nigeria.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/176

Selected reading.

Caesars Entertainment Paid Millions to Hackers in Attack (Bloomberg) 

Caesars Paid Ransom After Suffering Cyberattack (Wall Street Journal) 

The Cyberattack That Sent Las Vegas Back in Time (Wall Street Journal) 

Pro Take: MGM Casino Hack Shows Challenge in Defending Connected Tech (Wall Street Journal) 

ALPHV Ransomware Used Vishing to Scam MGM Resorts Employee, Researchers (Hackread)

FBI probing MGM Resorts cyber incident as some casino systems still down (Reuters) 

MGM Resorts says cyberattack could have material effect on company (NBC News) 

MGM Resorts cybersecurity breach could cost millions, expert says (KLAS) 

MGM Resorts shuts down some systems because of a “cybersecurity issue.” (Updated.) (CyberWire)

macOS Info-Stealer Malware 'MetaStealer' Targeting Businesses (SecurityWeek) 

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments (Security Intelligence) 

Unit 42 Attack Surface Threat Report (Palo Alto Networks)

The Nigerian Prince is Alive and Well: Cybercriminals Use Generative… (Abnormal) 

Learn more about your ad choices. Visit megaphone.fm/adchoices