Scattered Spider shifts gears and begins exploiting VMware’s ESXi to deploy ransomware on critical U.S. infrastructure.

A highly active and sophisticated cybercriminal collective known as Scattered Spider—also referred to as UNC3944, 0ktapus, Octo Tempest, and Muddled Libra—has escalated its attacks on critical U.S. infrastructure by targeting the VMware ESXi hypervisor, a core component of many enterprise data centers. By deploying ransomware on these systems, the group has successfully disrupted a range of sectors, highlighting the growing risks associated with virtualized environments.

Check Point research uncovers new details about Scattered Spider’s methodology, including over 500 phishing domains queued to target multiple industries.

Recent analysis from Check Point Research has shed new light on the cybercriminal group known as Scattered Spider, revealing a significant escalation in both the scale and sophistication of their operations. The group’s latest campaigns pose a mounting threat to enterprises, with the aviation sector emerging as a primary target.

Scattered Spider redux. Qantas Airways confirms significant cyberattack against third-party customer service platform.

Qantas Airways has confirmed a significant cyberattack affecting a third-party customer service platform used by one of its contact centers, resulting in the exposure of personal data for up to six million customers. The compromised data includes names, email addresses, phone numbers, dates of birth, and frequent flyer numbers. Importantly, no credit card, financial, or passport information was stored on the affected system, and frequent flyer account credentials (passwords, PINs, logins) were not accessed.