Feds Charge Five Men in ‘Scattered Spider’ Roundup

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. Continue reading Feds Charge Five Men in ‘Scattered Spider’ Roundup

Infosec products of the month: October 2024

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Balbix, BreachLock, Commvault, Dashlane, Data Theorem, Edgio, ExtraHop, Fastly, Frontegg, GitGuardian, IBM, Ivanti, Jumio, Kusari, Legit Security, Met… Continue reading Infosec products of the month: October 2024

The Dark Nexus Between Harm Groups and ‘The Com’

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others. Continue reading The Dark Nexus Between Harm Groups and ‘The Com’

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. Continue reading Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

Okta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication.
The post Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication appeared first on SecurityWeek.
Continue reading Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks

Evolving critical infrastructure risks, ransomware, supply chain exploitation, commercial spyware and AI were the top trends, the office reported.

The post ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks appeared first on CyberScoop.

Continue reading ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks