News

FBI, CISA warn of more Scattered Spider attacks to come - Wednesday, July 30, 2025 - 09:06
  • Scattered Spider is evolving, CISA, FBI and others have warned
  • Hackers are employing additional malware, including DragonForce
  • Companies should use phishing-resistant MFA to defend

Scattered Spider is only getting warmed up, and businesses should be on their guard for possible attacks, law enforcement agencies have said.

A warning given by the US Cybersecurity and Infrastructure Security Agency (CISA), and a handful of other security agencies in Canada, the UK, and Australia, says the group has evolved to use more advanced social engineering - mostly impersonating employees to trick IT help desks into resetting passwords and transferring MFA tokens to attacker-controlled devices.

The hackers have also added new malware such as RattyRAT for stealthy access and DragonForce ransomware to encrypt systems and demand payment - especially targeting VMware ESXi servers.

More to come

Also known as Octo Tempest (and a handful of other names), Scattered Spider is described as a highly aggressive and sophisticated cybercriminal group known for targeting major companies through social engineering, phishing, and identity-focused attacks.

The group is infamous for its use of SIM swapping, MFA fatigue attacks, and help desk impersonation to gain initial access, and it’s the last of these that CISA is now stressing further.

Scattered Spider is generally engaged in double-extortion attacks, exfiltrating sensitive files to third-party servers before encrypting the target infrastructure. To store the stolen files, they’re using MEGA.nz and Amazon S3, and in some cases, they’ve run thousands of queries against Snowflake environments to steal large volumes of data quickly.

To stay hidden, they create fake identities backed by social media profiles, monitor internal communications like Slack and Microsoft Teams, and even join incident response calls to learn how defenders are reacting.

CISA says more Scattered Spider attacks are to be expected in the coming weeks and months, and urges organizations to use phishing-resistant MFA (like FIDO/WebAuthn), audit and restrict remote access tools, monitor risky logins and unusual account behavior, maintain offline, encrypted backups, segment networks, and patch known vulnerabilities.

Via Cybernews

The next Nintendo Direct has been announced – here's when and where you can watch it - Wednesday, July 30, 2025 - 09:16
  • A Nintendo Direct Partner Showcase has just been announced
  • You can tune in on July 31
  • The showcase will be 25 minutes long and feature third-party Switch 2 releases

Nintendo has officially announced the next Nintendo Direct showcase. And in typical fashion, there's not long to wait until we can watch it live. The company usually announces Nintendo Directs just a day or two before they go live, and that's no different here.

Announced via Nintendo's social channels, the next Nintendo Direct is taking place on July 31, 2025 at 6am PT / 9am ET / 2pm BST / 3pm CEST. You'll be able to watch the presentation live as it happens over at Nintendo's regional YouTube channels.

The presentation is due to last around 25 minutes, which is to be expected for a more focused partner showcase. There are still plenty of Nintendo Switch 2 games we're waiting for more details on throughout the rest of this year and next, though these will likely be reserved for a larger first-party Direct.

Join us for a #NintendoDirect Partner Showcase tomorrow, July 31, at 6am PT! Tune in for roughly 25 minutes of information on upcoming #NintendoSwitch2 and #NintendoSwitch games from our publishing partners. Watch here: https://t.co/PvBBmmxGTI pic.twitter.com/8hJBngwXHw (July 30, 2025)

Games we're looking forward to hearing more about include Metroid Prime 4: Beyond, Drag x Drive, Kirby Air Riders, and FromSoftware's The Duskbloods. All except The Duskbloods are slated to release this year, with the multiplayer Bloodborne-like arriving in 2026. Also keep in mind that this is a Partner Direct, meaning Nintendo's first-party titles are less likely to be featured here.

YouTube's Age-Estimation Tech Will Spot Kids Pretending to Be Adults. Here's How It Works - Wednesday, July 30, 2025 - 10:43
The streaming service will use various methods to make sure kids aren't watching age-restricted content.
Yes, It's Time to Reseason Your Cast-Iron Skillet. Here's the Right Way to Do It - Wednesday, July 30, 2025 - 10:46
If you've never reseasoned your cast-iron skillet, we promise not to judge. Here's how it's done.
Starlink Is Set to Receive Billions in Federal Subsidies but Analysis Says It Can’t Handle the Traffic - Wednesday, July 30, 2025 - 11:00
As Starlink is poised to cash in on BEAD contracts, a new analysis casts doubt on its ability to connect rural America.
Best VPN for Travel: Bypass Regional Content Blocks and Stream Geo-Protected Content From Anywhere - Wednesday, July 30, 2025 - 11:00
Enjoy extra privacy and circumvent geographical restrictions while roaming internationally or domestically with the best VPNs for travel.
How to Watch Panathinaikos vs. Rangers From Anywhere for Free: Stream Champions League Qualifier Soccer - Wednesday, July 30, 2025 - 11:00
The Scottish giant takes a 2-0 aggregate advantage to Athens.
Ninja Gaiden: Ragebound Is a Forgettable Chapter in the Series' Legacy - Wednesday, July 30, 2025 - 11:08
All style, but no heart makes Ragebound an easy game to skip.
What You Should Know About Jack Dorsey's New Messaging App Bitchat - Wednesday, July 30, 2025 - 13:17
Don't expect to start chatting with many people if you download the app now.
TikTok Introduces New Parental Controls, Fact-Checking and AI Moderation Features - Wednesday, July 30, 2025 - 13:22
TikTok wants parents to know when their kids are posting videos and what kind of content they're watching.
The Best Anime on Netflix You Can Watch Right Now - Wednesday, July 30, 2025 - 15:15
Get into these titles on Netflix.
Best WordPress Hosting for Smooth Website Operation in 2025 - Wednesday, July 30, 2025 - 15:23
We compared prices, features, performance and customer support of the top WordPress hosting services to help you make the right decision for your website.
Today's NYT Strands Hints, Answers and Help for July 31 #515 - Wednesday, July 30, 2025 - 16:00
Here are hints and answers for the NYT Strands puzzle for July 31 No. 515.
Today's NYT Connections Hints, Answers and Help for July 31, #781 - Wednesday, July 30, 2025 - 16:00
Here are some hints and the answers for the NYT Connections puzzle for July 31, #781.
Today's Wordle Hints, Answer and Help for July 31, #1503 - Wednesday, July 30, 2025 - 16:00
Here are hints and the answer for today's Wordle for July 31, No. 1,503.
Today's NYT Connections: Sports Edition Hints and Answers for July 31, #311 - Wednesday, July 30, 2025 - 16:00
Here are hints and the answers for the NYT Connections: Sports Edition puzzle for July 31, No. 311.
Your Next Yelp Reviews May Include an AI Video – With a Catch - Wednesday, July 30, 2025 - 16:07
Restaurant rating hub Yelp is now using AI videos to sum up restaurant reviews, but you may want to be careful what you post.
Think a Home Gym Is Cheaper Than a Gym Membership? We Did the Math to Find Out - Wednesday, July 30, 2025 - 17:00
The answer to which fitness routine is a smart money move may surprise you.
Best Sleep Headphones of 2025: Tested for Quality Rest by CNET Experts - Wednesday, July 30, 2025 - 17:00
Ready to fall sound asleep? From wireless earbuds to comfortable headbands, here are the best headphones for sleeping.
Premier League Summer Series: Stream Man United vs. Bournemouth From Anywhere - Wednesday, July 30, 2025 - 18:30
Match four of the preseason tournament sees the Red Devils take on the Cherries in Chicago.
