Home Malware Scattered Spider ransomware gang falls under government agency scrutiny | Malware

Scattered Spider ransomware gang falls under government agency scrutiny | Malware

Malware

Anxious Looking Spider.jpg

As you may have read in our November Ransomware Review, Scattered Spider is a relatively new, albeit dangerous, ransomware gang who made headlines in September for attacking MGM Resorts and Caesar Entertainment. For small security teams, one of the most important findings about the group is their use of Living Of The Land (LOTL) techniques to avoid detection: Scattered Spider aka Octo Tempest employs everyday tools like PowerShell for reconnaissance and stealthily alters network settings to bypass security measures. They also exploit identity providers and modify security systems, blending their malicious activities with normal network operations.

In a joint cybersecurity advisory (CSA) on Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) provided detailed information about the techniques leveraged by Scattered Spider. The advisory was issued in response to the recent activity by Scattered Spider against the commercial facilities sector and subsectors.

CISA and the FBI consider Scattered Spider to be experts that use multiple social engineering techniques, especially phishing, push bombing, and SIM swap attacks, to obtain credentials, install remote access tools, and bypass multi-factor authentication (MFA).

Push bombing is a targeted MFA attack in which an attacker triggers multiple login attempts against the target’s single-sign-on (SSO) portal or publicly exposed corporate apps and services. The objective is that the target will grow tired of the notifications or make a mistake and allow the access.

SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods…

read more www.malwarebytes.com

FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

“The adventure of life is to learn. The purpose of life is to grow. The nature of life is to change. The challenge of life is to overcome. The essence of life is to care. The opportunity of like is to serve. The secret of life is to dare. The spice of life is to befriend. The beauty of life is to give.” —William Arthur Ward

Related Posts

00ixaidywf70eisepars9v0 1.fit Lim.size 1200x630.v1701262622.jpg
Malware

Use Google Chrome? Update Your Browser Immediately | Tech Video

1701192961657.jpeg
Malware

Ransomware gangs and Living Off the Land (LOTL) attacks: A deep dive | Malware

Header 2.png
Malware

ownCloud vulnerability can be used to extract admin passwords | Malware

Weinar.jpg
Malware

Transform Your Data Security Posture – Learn from SoFi’s DSPM Success | Cybersecurity

Password.jpg
Malware

How Hackers Phish for Your Users’ Credentials and Sell Them | Cybersecurity

Macos Malware.jpg
Malware

N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection | Cybersecurity