CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.

https://ciso2ciso.com/how-cisos-can-defend-against-scattered-spider-ransomware-attacks-source-www-csoonline-com/

#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.

From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944

Hackers that breached Las Vegas casinos rely on violent threats

A prolific hacking group that was behind a recent breach that crippled several Las Vegas resorts has made violence threats as part of its attempts to force victims to give up credentials.

In some cases, they sent text messages threatening violence against a target’s wife

#TheCom #OctoTempest #0ktapus #ScatteredSpider #Caesars #LasVegas #security #cybersecurity #socialengineering #hacking #hackers #hacked

https://cyberscoop.com/com-scattered-spider-tradecraft/

Microsoft has been tracking a threat group that stands out for its ability to cash in from data theft hacks that use broad social engineering attacks, painstaking research, and occasional physical threats.

Unlike many ransomware attack groups, #OctoTempest, as Microsoft has named the group, doesn’t encrypt data after gaining illegal access to it.
Instead, the threat actor threatens to share the data publicly unless the victim pays a hefty ransom.

To defeat targets’ defenses, the group resorts to a host of techniques, which, besides social engineering, includes SIM swaps, SMS phishing, and live voice calls.
Over time, the group has grown increasingly aggressive, at times resorting to threats of 🔹physical violence 🔹if a target doesn’t comply with instructions to turn over credentials.

https://arstechnica.com/security/2023/10/microsoft-profiles-new-threat-group-with-unusual-but-effective-practices/

Octo Tempest
Tactics surprise, prevail
Ruinous havoc wreaked
Unprepared targets suffer
Chaos

#microsoft #cybersecurity #octotempest #cinquain #poetry

https://arstechnica.com/security/2023/10/microsoft-profiles-new-threat-group-with-unusual-but-effective-practices/

This year, Octo Tempest broadened its targets to encompass companies in various sectors, including gaming, hospitality, retail, manufacturing, technology, financial services, and managed service providers.

#Cybersecurity #OctoTempest #HackerGroup

https://cybersec84.wordpress.com/2023/10/28/octo-tempest-the-most-dangerous-financial-hacking-group/

#Microsoft lifts the lid on a dangerous new #hacking group that could pose a major threat to your online accounts | TechRadar

https://www.techradar.com/pro/security/microsoft-lifts-the-lid-on-a-dangerous-new-hacking-group-that-could-pose-a-major-threat-to-your-online-accounts

> #OctoTempest will go to any lengths to breach a system

link to report:
https://click.linksynergy.com/deeplink?id=kXQk6%2AivFEQ&mid=24542&u1=trdpro-us-1422577295002543400&murl=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2023%2F10%2F25%2Focto-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction%2F