Socially Savvy Scattered Spider Traps Cloud Admins in Web

Law enforcement seized electronics containing special hacking tools and software as well as a substantial amount of cash in the raids. [TechWeb]( Follow Dark Reading: [RSS]( September 13, 2024 LATEST SECURITY NEWS & COMMENTARY [Socially Savvy Scattered Spider Traps Cloud Admins in Web]( The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges. [For Just $20, Researchers Seize Part of Internet Infrastructure]( Their findings highlight the frailty of some of the mechanisms for establishing trust on the Internet. ['Hadooken' Malware Targets Oracle's WebLogic Servers]( An attacker is using the tool to deploy a cryptominer and the Tsunami DDoS bot on compromised systems. [Singapore Arrests 6 Suspected Members of African Cybercrime Group]( Law enforcement seized electronics containing special hacking tools and software as well as a substantial amount of cash in the raids. [Microsoft VS Code Undermined in Asian Spy Attack]( A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT. [Rising Tide of Software Supply Chain Attacks: An Urgent Problem]( Understanding a threat is just as important as the steps taken toward prevention. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [SOAR Is Dead, Long Live SOAR]( Business intelligence firm Gartner labels security orchestration, automation, and response as "obsolete," but the fight to automate and simplify security operations is here to stay. [Cybersecurity Talent Shortage Prompts White House Action]( The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed. [How Law Enforcement's Ransomware Strategies Are Evolving]( The threat of ransomware hasn't gone away. But law enforcement has struck a blow by adjusting its tactics and taking out some of the biggest adversaries in the ransomware scene. [Remote Access Sprawl Strains Industrial OT Network Security]( A veritable grab bag of tools used to access critical infrastructure networks are wildly insecure, and they're blobbing together to create a widening attack surface. [MORE]( PRODUCTS & RELEASES [SCADA Market Is Set to Reach $18.7B by 2031]( [US Army Selects QuSecure Solution for 'Enhanced Post-Quantum Cryptography Suite for Tactical Networks' Project]( [Security Testing Market Worth $43.9B by 2029]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens]( In the "PixHell" attack, sound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps. LATEST FROM THE EDGE [When Startup Founders Should Start Thinking About Cybersecurity]( Most investors aren't demanding cybersecurity preparedness from startups, but founders should still be worried about the risks. LATEST FROM DR TECHNOLOGY [How a Centuries-Old Company Reached Security Maturity]( In this case study, a 180-year-old life and pension insurer brought its security infrastructure into the modern age. LATEST FROM DR GLOBAL [Amateurish 'CosmicBeetle' Ransomware Stings SMBs in Turkey]( With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware. WEBINARS - [DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations]( - [Harnessing the Power of Automation to Boost Enterprise Cybersecurity]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Evolve Your Ransomware Defense]( - [RevealX Catches Ransomware Within Days of Deployment at WCH]( - [5 Essential Insights into Generative AI for Security Leaders]( - [SecOps Checklist]( - [The Future of Passwords and the Passwordless Evolution]( - [Ten Elements of Insider Risk in Highly Regulated Industries]( - [IT Risk & Compliance Platforms: A Buyer's Guide]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125687&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.13.24&sp_cid=55053&utm_content=DR_NL_Dark%20Reading%20Daily_09.13.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#ce If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)