digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.

Server stats:

814
active users

#scatteredspider

4 posts3 participants0 posts today

Scattered Spider 🕷️ a loosely structured collective of young English‑speaking attackers, has re‑emerged in recent months, hitting airlines, insurers, and retailers. Its primary edge remains social engineering, especially with help‑desk impersonation and MFA bypass. What stands out is their agility. They treat industries like clusters, learning system platforms and then striking multiple targets in quick succession, a tactical shift in ransomware campaigns. Frankly, it feels like our defense is still catching up. The weakest link... us. 🤷🏻‍♂️ 🫵

TL;DR
🕷️ Excellent Social engineering competence
⚠️ Airlines added to target sectors
🔄 Cluster targeting by industry
🧠 Reemergence after 2024 slowdown

wired.com/story/scattered-spid
#ScatteredSpider #Cybersecurity #ThreatIntelligence #SOC #Ransomware #security #privacy #cloud #infosec #SocialEngineering

Replied in thread

@patrickcmiller I wonder if any of #scatteredspider’s success with more nuanced and sophisticated social engineering vectors can be attributed to a cultural advantage they get from being raised in developed western English speaking countries. Do they know how people and systems think and work in the west simply because they are raised there and just “get” it…?

#UK Charges Four in ‘Scattered Spider’ #Ransom Group

Authorities in the #UnitedKingdom this week arrested four alleged members of “Scattered Spider,” a prolific data theft and #extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer.
#privacy #scatteredspider

krebsonsecurity.com/2025/07/uk

krebsonsecurity.comUK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Security
Replied in thread

@briankrebs i've seen some IR figures get squirrely about the name. some argue Scattered Spider is a loose confederation, others an attack methodology. i don't have a strong opinion on that but i've seen the absolute bedlam these crews drop everywhere they go. #infosec #scatteredSpider

Three teenage males and a young woman hauled away by cops, suspected of hacking huge retailers.

Four youngsters are in custody today, alleged to be the notorious #ScatteredSpider hackers (or at least, some of them). The “loose affiliation” of hackers is suspected of badly disrupting operations at three large retail chains since April.

The four are innocent until proven guilty. In #SBBlogwatch, we channel Sir William Garrow.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: securityboulevard.com/2025/07/

Even more arrests! Reuters reports:

Four people have been arrested as part of a police investigation into cyberattacks that disrupted the operations of retailers Marks & Spencer, the Co-op and Harrods, Britain's National Crime Agency said.

The cyberattack on M&S was the most serious, costing it about 300 million pounds ($409 million) in lost operating profit.

The NCA said two males aged 19, another aged 17, and a 20-year-old female were apprehended in the West Midlands, central England, and London on Thursday on suspicion of Computer Misuse Act offences, blackmail, money laundering and participating in the activities of an organised crime group.

More at reuters.com/business/retail-co

M&S head Archie Norman won’t say if he authorized #DragonForce #ransomware hacker payday.

British shopping titan M&S is still dealing with the mess caused by April’s #ransomware attack. There’s at least three months more work ahead says the firm’s chairman, Archie Norman (pictured).

But there are persistent rumors M&S paid #ScatteredSpider’s ransom demand. In #SBBlogwatch, Norman will neither confirm nor deny.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: securityboulevard.com/2025/07/

This is a timely reminder to ensure any third-parties with access to your systems follow the same cyber policies you'd expect your internal staff to follow.

#ScatteredSpider are particularly good at #SocialEngineering their way via a third-party to other victims.

For clarity, #ScatteredSpider are considered the initial access group, #DragonForce #ransomware is the malware deployed once #ScatteredSpider are inside your network.

bleepingcomputer.com/news/secu

🔥 New Discernible Drill this week!

Recent Scattered Spider attacks on airlines highlight the challenges of responding to a network compromise when every minute of downtime affects thousands of passengers and critical safety operations.

Our latest drill scenario puts you in the SOC during an active airline intrusion. You'll navigate the unique communication challenges of balancing security containment with operational continuity when flight schedules, passenger safety, and regulatory compliance are all on the line.

Perfect for:
✈️ SOC analysts and engineers
✈️ Incident response teams
✈️ Anyone working in critical infrastructure security

The aviation industry's complex operational requirements create communication scenarios you won't find in typical incident response training.

Ready to see how you'd handle it?

Subscribe to join at DiscernibleInc.com/drills

#IncidentResponse #SecurityCommunications
#ScatteredSpider