 MGM has finally managed to restore their systems to normal functionality after a massive ransomware and data theft attack which left most of MGM's electronic equipment offline, including slot machines, video poker machines and other electronic games for as long as 10 days. Wow, that's a long time to have your systems restored after a hacking incident. And this timeline also contradicts the one that we were officially given by MGM themselves. The company made an announcement on Wednesday afternoon on the blog site formally known as Twitter that their systems were restored but other people on the same platform were still reporting issues with the company's website and with their app when they tried to cash out their winnings. Now obviously these ransomware attacks are on the rise and these days the incidents usually end up being a very in-depth attack where hackers first penetrate your network and then they escalate privileges as far as they can usually to domain admin or global administrator depending on the system and they'll also try to target your backups because they know that if you have automatic backups that are going every day to a high-speed NAS which with the low cost of SSDs and 10 gigabit ethernet are becoming more common these days, if you have one restoring all your systems on your LAN can be done very quickly but only if that NAS doesn't get compromised itself which is likely to happen if a threat actor gets full administrative access to your network. Now we knew early on that MGM and Caesars were bringing on outside security firms as well as the SEC and FBI to help them with containing these incidents. The alphabet boys getting involved is pretty standard procedure with licensed casinos but getting the extra third-party infosec involvement as well as the 10-day timeline to restore these systems tells me that MGM did not have a plan for something of this magnitude and since the ATMs at the casino and hotel had to be taken offline MGM was basically cut down at their knees with no way to really make any money they were also losing a lot of money on comps for rooms because they had to basically go and prim and check people in with pen and paper so the outages that MGM experienced along with all of these comps were estimated to cost the company about 80 million dollars over the last 10 days. Now MGM as a company is valued at about 40 billion dollars their annual revenue is about 14 billion and they also apparently have hacker insurance for up to 200 million dollars so I'm sure that they can shrug off this incident financially but to me these incidents look like they could be the beginning of a string of attacks or heist against casinos and similar businesses. The prospect of losing millions of dollars a day due to your ATMs and game machines being down means the temptation to actually pay the ransom is much higher with these casinos than other companies and it also makes for a really good story when you have these hackers that are robbing a casino it's kind of like robbing a bank and you know it also carries this sort of moral thing with it where it's like robin hood right you're robbing the rich to give back to the poor although it is worth mentioning that Alf V is not charitable they're not giving back to the poor you know they mentioned that when they were grilling all these fake news outlets that were saying that they hacked the casino's slot machines and they're making them spill out coins onto the floor no these guys they kept that millions of dollars in ransom for themselves because they managed to get 15 million dollars in ransom paid by Caesars Entertainment which is a pretty good hit if you're a hacker I mean certainly it's enough for you to retire if you're living in some of these countries that a lot of these hackers come from but if your business has high revenue and low digital opsec like these casinos it's a perfect target for these ransomware and data expulsion attacks now it may be more understandable that these companies didn't have the best digital opsec you know their security incidents probably revolve more around cheaters most days uh and you can take care of them the old fashion way right just take them down into the basement of the casino and break their hands but when trillion dollar companies like Microsoft have security incidents caused by low hanging fruit like unsecured azure tokens those incidents are a lot less excusable a new report from wiz.io found a data exposure in Microsoft's AI GitHub repository which included 30 000 internal Microsoft Teams private keys passwords backups and this was weighing in at more than 38 terabytes of private company data and to make things worse apparently this data was exposed for a long time it was exposed for three years from like late july of 2020 to early july 2023 the misconfigured token also allowed for full control over the files instead of just limiting the permissions to read only meaning a malicious user could have modified these files they could have deleted them or renamed them as they pleased now this is particularly concerning because this particular misconfigured storage container is originally supposed to be used to provide training data for Microsoft's neural networks and the thing about neural networks debugging them can prove very difficult and so it's very important to make sure that the data they're being trained on is actually good which might be a little bit harder to do now that this drive has been exposed for so long for example with the full self-driving neural network that can be purchased in many of the teslas Elon Musk mentioned that for stopping at red lights training it to stop at red lights and stop signs they were only able to train the self-driving AI on less than 1% of the video data that they were capturing from tesla owners because most drivers don't make a full stop at stop signs you know they only slow down to a few miles per hour and then make a turn or go through so if someone were to poison the training data set for your neural network or large language model they could create bugs that are so obscure in the finished program that your only choice to fix them might be to start from scratch with new training data because these data sets are so huge that finding misconfigurations in them is going to be like finding a needle in a haystack you know it's funny how over the last year or two when AI became this new popular thing that people were having a good time with their GPTs and their deep fakes but then big tech and big government stepped in and said hold on we need regulations for this AI stuff we need rules and regulations rules for thee but not for me because it's really only dangerous for the peasants to have unrestricted access to AI but yet here we are with what is probably the biggest data leak that's related to AI training so far and the fault is at the Microsoft corporation hopefully the leaked data contains some secret sauce training models that can be used to create some kind of FOS AI which I think people really deserve considering that most of these training models most of this training data is just scraped from public information on the internet you know really this AI wouldn't be possible without the freedom of the internet so the people of the internet really should be the ones controlling it both collectively and individually like what we see with free software but let me know in the comments below what you guys think about these data breaches do you think that hackers are going to start hitting casinos more and more often and are we going to start seeing more massive data leaks from these companies that are storing all this AI data and trying to rush to create their own large language models in their own AIs please leave a like and share this video in order to hack the algorithm and also check out my website based on when where you can buy the Libre t-shirt and I've also got other hats and hoodies that are available for the fall and winter season and as always discounts are available store-wide when you shop with Monero XMR have a great day