Scattered Spider weaves web of social-engineered destruction
The cybercrime ring has infiltrated more than 100 businesses since 2022, including more than a dozen since it regrouped earlier this year.
Advertisement
Showing 10 of 230 results
-
Leucauge venusta, known as the orchard orbweaver spider, resting in the center of her web in Charleston, South Carolina. (Daniela Duncan/Getty Images) Cybersecurity -
(Getty Images) Election Security The SAVE database was already a headache for states. Now it’s fueling Trump’s voter fraud allegations.
Experts believe lawsuits are first steps in a larger plan by the White House to create new metrics that lend support to the president’s unproven claims that noncitizens are voting en masse for Democratic politicians.
-
Microsoft logo is seen in a Microsoft store on March 10, 2021, in New York.(Photo by John Smith/VIEWpress) Technology Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day
A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update.
-
SonicWall’s headquarters in Milpitas, California. (Getty Images) Cybersecurity SonicWall customers confront resurgence of actively exploited vulnerabilities
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.
-
(Getty Images) Election Security Judge tosses citizenship provisions in Trump elections order
Requests to block federal agencies from sharing federal data with states and to condition federal election funding were denied by Judge Colleen Kollar-Kotelly.
-
A logo sign outside of the headquarters of Ivanti in South Jordan, Utah. (Kristoffer Tripplaar / Alamy Stock Photo) Research Is Ivanti the problem or a symptom of a systemic issue with network devices?
Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.
-
(Getty) Technology Independent tests show why orgs should use third-party cloud security services
AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.
-
External researchers can’t determine the originating IP addresses for the flood of malicious traffic that hit X’s servers without direct access to X’s systems. (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images) Threats X suffered a DDoS attack. Its CEO and security researchers can’t agree on who did it.
X’s wave of outages resembled a DDoS attack and Dark Storm Team, a prolific threat group specializing in such attacks, claimed responsibility.
-
(Getty Images) Commentary Java security: If you ain’t cheatin,’ you ain’t tryin’
Rigging the odds in your favor is the only way security practitioners can go.
-
Tesla Founder Elon Musk walks on stage with his son, X, beside President-elect Donald Trump during a rally at Capital One Arena in Washington, on January 19, 2025. (Photo by Tom Brenner for The Washington Post via Getty Images) Threats Cybersecurity, government experts are aghast at security failures in DOGE takeover
Elon Musk’s takeover of key systems across the federal government is ignoring decades of laws, regulations and procedures, experts told CyberScoop.