Security news aggregator

Latest coverage for Scattered Spider

Coverage of incidents attributed to Scattered Spider, with analysis of infrastructure, disruption efforts, and defensive guidance for organizations.

181 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Scattered Spider is a label used in public reporting for a loosely defined, financially motivated intrusion set. Attribution is not always consistent, and the name may encompass related operators rather than a single centralized organization. Reported activity has involved social engineering of help-desk staff, theft or takeover of credentials and MFA-recovery methods, and access to cloud, identity, or virtual-administration environments. These techniques can turn weaknesses in account-recovery procedures into privileged access without exploiting a software vulnerability.

The principal defensive concern is compromise of the identity-management plane. Organizations should require robust, independently verified help-desk identity checks; prefer phishing-resistant MFA for privileged and remote access; restrict and alert on MFA, password, SIM, and recovery-setting changes; and monitor identity-provider, VPN, cloud, and administrative logs for unusual authentication or privilege changes. Threat intelligence is most useful when it supports behavior-based detection rather than reliance on a fixed list of indicators. If suspected, preserve authentication and support-ticket records quickly and investigate linked accounts, sessions, tokens, and administrator actions.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 181

Thalha Jubair and Owen Flowers led and directed many attacks attributed to the hacker subset of The Com. U.S. authorities previously accused Jubair of participating in at least 120 attacks. The post Leading members of Scattered Spider sentenced in UK to 66 months in jail appeared first on CyberScoop.

Bank Info Security 1 day, 18 hours ago

2 Young Hackers Jailed for Disrupting London Underground

Police Say Arrests 'Effectively Halted' Scattered Spider Cybercrime CollectiveTwo leaders of the Scattered Spider hacking group received 66-month jail sentences in Britain's biggest cybercrime prosecution to date, after they disrupted London's transport authority, causing $39 million in losses and recovery costs. How to deter young hackers remains an ongoing challenge.

Two members of the Scattered Spider cybercrime group received jail sentences in the UK for the 2024 cyberattack on Transport for London. A UK court sentenced two Scattered Spider members, Thalha Jubair (20) and Owen Flowers (18), for their role in the 2024 cyberattack on Transport for London (TfL). Transport for London (TfL) is a local […]

Bank Info Security 1 week, 2 days ago

The Most Elusive Criminal Quality: Anonymity

Suspected Scattered Spider Member Reportedly Unmasked After Making Death ThreatHow did investigators unmask a 19-year-old suspected Scattered Spider extortionist? Amateur sleuths have highlighted Microsoft-gathered device telemetry in charging documents. But a researcher said he was quickly unmasked and tracked for years, after he sent her a death threat.

Anarchic Western Adolescent Hacking Groups Appear to Defy Easy CategorizationSome cybersecurity entities are groups, with office hours and vacation time. But others, such as Scattered Spider and other Com spinoffs, are largely comprised of adolescent hackers and extortionists, and often display more anarchic behavior that makes their efforts tougher to combat.

Krebs on Security 3 weeks, 3 days ago

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.

An On Demand video from ID DatawebScattered Spider continues to evolve, and organizations across financial services, healthcare, insurance, telecommunications, and other sectors are strengthening defenses against increasingly sophisticated identity-driven threats.

Loading more headlines...