FBI Lifts the Lid on Notorious Scattered Spider Group
Security advisory details TTPs of prolific threat actors
Stay informed on the FBI's latest cyber security operations, threats, and safety tips. Your source for up-to-date FBI infosec news and insights.
Search across headline titles and summaries.
Background for this topic.
Federal Bureau of Investigation (FBI) is the United States’ principal federal law-enforcement agency and a domestic intelligence authority. In cybersecurity, it investigates cybercrime, digital intrusion, online fraud, and espionage; works with victims and other agencies; and may support disruption operations, prosecutions, or public warnings. FBI references in security news often concern indictments, infrastructure seizures, malware or intrusion advisories, and requests for victim cooperation.
Practitioners can report suspected internet crime through the FBI’s Internet Crime Complaint Center (IC3) or contact a local FBI field office, while preserving relevant logs, messages, and other evidence. FBI engagement can provide threat intelligence, such as indicators of compromise or information about attacker infrastructure, and may affect evidence handling and legal processes. It does not replace containment, recovery, breach assessment, or privacy and regulatory notifications required of the affected organization.
Security advisory details TTPs of prolific threat actors
Agencies Release Joint Advisory Urging Organizations to Implement New MitigationsCISA and the FBI released an advisory recommending that critical infrastructure organizations implement a series of recommendations to thwart a unique hacking group known for targeting commercial facilities, as seen in the recent cyberattack targeting MGM Resorts International.
Absence of arrests doesn't mean nothing's happening, cyber-cops insist The FBI is applying "significant" resources to find members of the infamous Scattered Spider cyber-crime crew, which seemingly attacked a couple of high-profile casinos a few months ago and remains active, according to a senior bureau official.…
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation.. [...]
Cybercriminals are playing both sides with simple disaster scams, and it's working.
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors
Bureau Touts ‘All-Time High’ Public-Private Coordination Despite Rise in AttacksFBI officials said Wednesday that the federal government is preventing advanced ransomware attacks targeting a range of institutions with the help of new information-sharing and victim engagement initiatives with organizations across the public and private sectors.
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. [...]
War of words escalates as deadline draws near FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702.…
23K nodes earned operator more than $500K – and now perhaps jail time The FBI says it has dismantled another botnet and collared its operator, who admitted hijacking tens of thousands of machines around the world to create his network of nodes.…
Royal alone scored $275M in past year as FBI, other agencies hot on merging trail The US' Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released fresh guidance on the Royal ransomware operation, saying that evidence suggests it may soon undergo a long-speculated rebrand.…
The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. [...]
Malaysian law enforcement authorities have announced the takedown of a phishing-as-a-service (PhaaS) operation called BulletProofLink