X
Animalverse.social

Login Now

Create an account
  • Home
  • Blackmarketplace
  • Groups
  • Game
  • Watch
  • Jobs
  • Financial
  • Login
  • Register

Forbes

Profile picture of Forbes

Forbes

@0x571c7fbd85f5478b6feaec59afd40b353b8843bb

Active 17 hours, 43 minutes ago
  • More7
    • Activity
    • Profile
    • Shop
    • Friends
    • Groups
    • Forums
    • Media 114
  • 0

    Friends

  • 0

    Groups

My photos
  • What The One Big Beautiful Bill Act Will Mean For You And Your Business
  • How These French Founders Built A Warby Parker Competitor That’s Even More Affordable
  • IMG_8529
  • Stablecoins offer promising improvements for cross-border transactions. But for domestic payments in developed economies, they’re a solution looking for a problem. (Photo: Gabby Jones via Bloomberg)
  • Red States–And AI–Are Big Losers From Trump’s Clean Energy Massacre
  • FBI Warning Issued As 2FA Bypass Attacks Surge — Get Prepared Update, June 30, 2025: This story, originally published on June 28, has been updated with an in-depth analysis of the Scattered Spider threat group, along with expert comment from cybersecurity professionals as the FBI warns that the dangerous threat actors are now moving into a new sector to attack: transportation. When the Federal Bureau of Investigation issues a cybersecurity alert, you would be well advised to pay attention and take action. Whether that’s involving malicious SMS messages, AI-powered phishing attacks, or, as I recently reported, the skyrocketing number of ransomware threats. And ransomware is the subject of this latest, critical, warning from the FBI. This time involving the Scattered Spider threat group which has made headlines after taking responsibility for multiple retail sector attacks including that against Marks & Spencer in the U.K. which is estimated to have cost the high street chain at least $600 million. Now the group is targeting the airline industry, the FBI has warned, both directly and through the entire supply chain. Here’s what you need to know. ForbesGoogle’s Android Warning For 3 Billion Users: Change This Setting NowBy Davey Winder FBI Confirms Scattered Spider Attacks Targeting Transportation A June 26 report from ransomware analysts at Halcyon warned that there were “indications that Scattered Spider is also now targeting the Food, Manufacturing, and Transportation (particularly Aviation) sectors in the US.” This has now been confirmed by the FBI which provided a statement to me by email that said: “The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector.” The statement, also posted to X, fomrerly known as Twitter, continued to confirm that the ransomware group is using the same methods during this surge of attacks into new sectors, namely “social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.” Specifically, Scattered Spider looks to bypass mutli-factor authentication, commonly referred to as MFA or 2FA, by using various methods to get those help desks to “add unauthorized MFA devices to compromised accounts.” Scattered Spider has been on the FBI radar for a number of years, with a joint cybersecurity advisory alongside the Cybersecurity and Infrastructure Security Agency published in 2023 in response to what it described as “activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors.” The FBI told me that it is currently actively working with aviation and industry partners “to address this activity and assist victims,” and urged anyone who thinks their organization may have been targeted to contact their local FBI office. In the meantime, beware of anyone asking for unauthorized 2FA devices to be added to accounts and follow established security processes and procedures to the letter, no matter what the person making the request may say. Forbes11 Million Critical Vulnerabilities Exposed — Act NowBy Davey Winder Who, Or What, Is Scattered Spider? The Reliaquest Threat Research Team has published an in-depth analysis of the Scattered Spider threat group behind the attacks as referenced in the latest FBI cybersecurity warning. The headline pullouts from the analysis are that 81% of the Scattered Spider domains impersonate technology vendors, with system administrators and executives, anyone likely to possess high-value credentials in other words, in the crosshairs. Leveraging phishing frameworks like Evilginx, and social engineering methods including video calls, initial access into targets such as the technology, finance,and retail trade sectors, has made Scattered Spider a threat to be taken very seriously indeed. Beyond the headline key points, however, lies the in-depth analysis of the hackers. Scattered Spider is a financially motivated cybercriminal organization heavily associated with The Community, a well-known yet loosely knit hacking collective. “Through strategic alliances with major ransomware operators ALPHV, RansomHub, and DragonForce,” the Reliaquest report said, Scattered Spice has been able to gain access to the tools it needs. Of most concern, however, has been the collaboration between with Russia-aligned threat groups and English-speaking threat actors. Scattered Spider has exploited this to perfection in order to deliver highly polished impersonation attacks, the kind of which are at the heart of many of its exploits.To further refine such impersonation tactics, social engineers with “highly specific qualifications” are being recruited, the report said. There are requirements such as no accent or a specific geographic one, a good level of fluency in the English language, and the understanding that working hours align with Western business times. “Callers are also provided with detailed scripts and real-time guidance from a so-called curator to help them handle any situation during the call,” Reliaquest said, adding that targets are specified to be outside of Russia and the Commonwealth of Independent States. The collaboration, Reliaquest concluded, “combines technical expertise with cultural fluency, enabling attackers to convincingly impersonate employees and leadership, bypass security protocols, and exploit trust-based systems like help desks.” Reliaquest said that it anticipates Scattered Spider adopting AI-powered attack methodologies in the near future, streamlining the group’s ability to manipulate trust-based systems such as IT help desks. ForbesWarning: ‘Some Kind Of God’ Hacker Demands $1,650 For Your SinsBy Davey Winder FBI Warned Of Aviation Attacks, But Insurance Sector Also Now Being Targeted By Scattered Spider Although the latest FBI warning focused on current attack threats targeting the transportation, and specifically aviation, sector and its supply chain, Scattered Spider has also expanded to include the insurance industry in its crosshairs. "Google Threat Intelligence Group is now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity,” John Hultquist, the chief analyst with the Google Threat Intelligence Group, has said, “we are now seeing incidents in the insurance industry.” Jon Abbott, CEO at ThreatAware, prudently advised that while “the rising tide of attacks on US insurers” is a serious threat that should not be underestimated, it also represents “a warning for other industries to stay vigilant.” Although the Scattered Spider group has historically leaned towards targeting one industry sector at a time, there is a danger that, as aviation is now in the spotlight, other organizations take their eye off the remaining peril in front of them. With one common denominator between many attacks being the exploitation of the supply chain, with such compromise enabling lateral movement onto bigger fish, this is evidence that businesses that might not consider themselves in the aviation, insurance or retail sectors are still at risk. Richard Orange, a vice president at Abnormal AI, reiterates what the FBI has said. “This group relies on social engineering rather than technical exploits,” Orange said, “and bypasses traditional security controls by manipulating people, such as posing as IT staff or trusted partners.” This can often appear like an isolated incident or breach, but Scattered Spider will move laterally, Orange concluded, “harvesting credentials to deceive other departments, customers, and partners.”
  • JUST IN: Apple $AAPL reportedly considering powering new version of Siri using Anthropic or OpenAI - Bloomberg.
  • JUST IN: Apple $AAPL reportedly considering powering new version of Siri using Anthropic or OpenAI - Bloomberg.
  • JUST IN: Apple $AAPL reportedly considering powering new version of Siri using Anthropic or OpenAI - Bloomberg.
    • Topics Started
    • Replies Created
    • Engagements
    • Favorites

Forum Topics Started

  • Oh, bother! No topics were found here.
Guest
Create an account