staying at the Excalibur for 7 days starting today , took me less than 5 minutes to get the room ,being platinum and always tipping helps, thay also upgraded me .

cant use resort credits i get with stay , but also dont have to. give much action as systems are down and they cant track your play anyway

Sent from my Pixel 6a using Tapatalk

If I want to work in cyber security protecting companies from this, what should I do

Indeed.com?

Skills and requirements obv. depend on what you want to do exactly.

Hack them so they know you are capable, and then instead of money, demand a job as ransom.

Start with Professor Messer's free videos on YouTube.

https://www.youtube.com/@professormesser

Security+ is a good baseline certification for cybersecurity.

If you find yourself lost on the terminology, you may need to do his A+ or Network+ classes to fill in any gaps. They are all titled by objective, so you can skill up in your weak areas and skip over the stuff you already know.

These CompTia certifications can be used as college credit for online universities like WGU. If you are disciplined enough to do self-study, WGU's Bachelors in Cyber Assurance is a great path and quite affordable. It's not for everyone though.

if you find that cybersecurity work isn't for you, you'll know pretty quick after watching some of Messer's videos.

Been listening to an interesting podcast series on The Lazarus Group, a North Korean backed elite hacking group, probably best known for the Sony breach and subsequent leaks, but also a bunch of other high profile cyber attacks and heists.

From hearing how they operate, I very much get the feeling having your employees on LinkedIn can be a pretty big leak!

There are entire toolkits devoted to harvesting open source info from LinkedIn.

The big thing that these groups are doing today is catfishing people with job offers for insane money, they'll offer virtual interviews --- and ask you to install a testing app on your machine.

This is obviously malware --- but this scam is fooling a lot of people on LinkedIn right now.

The thought is that if you target people on LinkedIn who appear to have the Keys to the Kingdom to a current organization, you could then perhaps hijack that persons access to the organization that currently employees them.

I have a feeling that many of these organizations, like MGM, will be forced to start spending low-end professional athlete money to get cyber security talent.

These groups behind these hacks are probably some of the talented and motivated system engineers on the planet.

As someone who has been responsible for finding talented and motivated engineers, it's not easy. Even for what you would consider an "Above average" salary for an area. Talented engineers aren't usually unemployed. That' s why there is an entire IT recruiting industry.

The other part of that equation is if a company like MGM brought in new IT talent, and new talent said to remove or replace significant portions of their systems, many organizations balk at these ideas... due to contractual obligations, vendor lock-in, or the fear of having to retrain employees on new systems or it could even be something like the sales rep is providing the execs with season tickets to sporting events.

ZIPrecruiter says CISSP holders make $120,000 a year on average. Probably a lot more in larger metros.

CISSP is probably the top Cyber certifications you can have in 2023.

So if you are an ethical security researcher, you can make $120,000 a year...

But if you are an unethical "Hacker".... just look at the ransomware numbers being thrown around.

There needs to be a bigger incentive to lure top cyber talent away from the dark side.

$120 is pretty low for mid level engineers in the US. If you wanted to hire FAANG level security talent, I'd imagine the salary would need to be more like $250 base. I doubt US based engineers are the folks doing these big heists.

There's not enough incentive for management to invest in security because there's no obvious profit until it hits the fan.

I presume you mean https://www.bbc.co.uk/programmes/w13...odes/downloads. I’ve started listening to this recently.

Yeh that's it, my internet was playing up so couldn't link it.

Can you please either just stop rotating or pick left or right ffs

Good news, probably means you're less likely to be schizophrenic or psychotic.
https://en.wikipedia.org/wiki/Hollow-Face_illusion

If you're interested in this sort of thing, Darknet Diaries is pretty entertaining and sort of informative.

At what point does a company facing a $50M ransom realize you can hire some top notch paramilitary outfits for $50M and go Terms of Enrampagement on a hacker group?

According to the SEC report "promptly", but it's always after it hits the fan. Meanwhile, mgmrewards.com still don't work.

Wouldn't be surprised if one of the hackers lost their ass on their last trip to Vegas and decided on a big time payback.

At some point this happens and it wont be pretty. Imagine if the mid-20th century casino owners were hacked like this.

you can just call the politican you pay and they will get the fbi on it

This requires you to know how to find them. If the hackers are good enough to break the casino systems, they're probably good enough to hide their identity and mask their location. Or, worse, fit someone they don't like up and have them take the violence.

This too

This post reminds me of the classic 'Poker is like a pipe' thread

Did they pay you to stay there? That's the biggest dump on the strip.

i get it comped for 13 out of 14 days with 500 in food credit every two weeks , staying here while we apartment hunt. i lucked out that i dont have to keep up play while here.

also, i tipped so got one of their better rooms (they exist)

also to update the situation.


mgm rewards till down ,they cant track your play , cant use comps, but they are manually letting people charge to the room.
big leak there as you can go with an id and charge to a fake room it seems as their system might not be able to see whos room it really is.


big mess for mgm, as everytime you wanna cash out, its handpay procedure.

Wait, are you talking about slot payouts? So if someone cashed out for $0.53 it’s hand pay? Every time?