Podcasts about scattered spider

British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC law firm.  Multiple firmware vulnerabilities affect products from Taiwanese manufacturer Gigabyte Technology. Nvidia warns against Rowhammer attacks across its product line. Louis Vuitton joins the list of breached UK retailers. Indian authorities dismantle a cyber fraud gang. CISA pumps the brakes on a critical vulnerability in American train systems. Our guest is Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, with insights on Scattered Spider. Hackers ransack Elmo's World.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, discussing "Scattered Spider and Other Criminal Compromise of Outsourcing Providers Increases Victim Attacks." You can check out more from Halcyon here. Selected Reading Romanian police arrest 13 scammers targeting UK's tax authority (The Record) Interlock Ransomware Unleashes New RAT in Widespread Campaign (Infosecurity Magazine) Google Gemini flaw hijacks email summaries for phishing (Bleeping Computer) Chinese hackers suspected in breach of powerful DC law firm (CNN Politics) Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment (Security Week) Nvidia warns of Rowhammer attacks on GPUs (The Register) Louis Vuitton UK Latest Retailer Hit by Data Breach (Infosecurity Magazine) Indian Police Raid Tech Support Scam Call Center (Infosecurity Magazine) Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car was known for 13 years — operators refused to fix the issue until now (Tom's Hardware) End-of-Train and Head-of-Train Remote Linking Protocol (CISA) Hacker Makes Antisemitic Posts on Elmo's X Account (The New York Times) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of 'Cybersecurity: Today's Month in Review,' the panel of experts, including Laura Payne, David Shipley, and new guest Tammy Harper, delve into major cybersecurity stories from the past month. Discussions range from the recent arrest of a Montreal scam operator, Scattered Spider's targeted attacks on various sectors, and the impacts of AI on the cybersecurity landscape. The panel also highlights industry shifts, new threat tactics, and the importance of strategic communication during incidents. The episode concludes with reflections on AI's integration into enterprise systems, emphasizing preparation and ethical considerations. 00:00 Introduction to the Cybersecurity Month in Review 00:12 Meet the Panelists 00:26 Laura Payne's Introduction 01:04 David Shipley's Introduction 01:38 Tammy Harper's Introduction 04:09 First Story: Montreal Scam Arrest 10:52 David Shipley's Big Story: Scattered Spider 16:40 The Rise of Young Cybercriminals 32:36 Ingram Micro Ransomware Attack 33:27 Government Breaches and Fast Recovery 34:56 Ingram Micro Incident and Communication Failures 35:55 Importance of Communication in Incident Response 37:39 Ransomware Trends and Threat Actor Tactics 39:55 Shift from Encryption to Exfiltration 46:41 Government Actions and Market Impact 51:27 AI in Cybersecurity: Risks and Opportunities 58:53 Ethical AI and Future Considerations 01:08:12 Final Thoughts and Wrap-Up

Four suspected members of the hacker group Scattered Spider have been arrested in the UK, Reports indicate a massive uptick in AI-generated CSAM, and Bluesky is adding age verification features for users in the UK. It's Friday, July 11th and here's a quick look at tech in the news this morning from Engadget. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Two billion eSIMs receive crucial security patches, China's cyber militias go on the offensive, four Scattered Spider members detained over UK retail attacks, and a Russian basketball player is arrested in a ransomware case. Show notes

Why were the Texas floods so deadly, and could more have been done to warn victims? Emily Foxhall at the Texas Tribune explores the issue. Today, a federal judge will hear new legal arguments against the Trump administration’s birthright-citizenship order. Tom Hals of Reuters tells us about the legal landscape and what to expect. Lily Hay Newman, a senior writer for Wired, takes us behind the scenes of a group of young cybercriminals called the Scattered Spider. Plus, measles has hit record levels in the U.S., Elon Musk lost his CEO at X, and the AI music going viral. Today’s episode was hosted by Shumita Basu.

Tom Uren and Amberleigh Jack talk about our developing understanding of the group that people call Scattered Spider. Independent security firms agree that there are a small number of key people that are driving the group's outrageous success. That gives us hope that targeted action might stem the bleeding. They also talk about data leaks from China's cyber espionage ecosystem that are for sale on a data leak site. These look to contain actionable information from a counterintelligence point of view. And Tom wonders if a market for espionage-as-a-service will develop? This episode is also available on Youtube. Show notes

NOTE: Police in the UK have indicted four members of Scattered Spider. The suspects — two 19-year-old men, a 17-year-old man and a 20-year-old woman — are being held on suspicion of violating the Computer Misuse Act, blackmail, money laundering and participating in organized crime activities, according to the NCA. For more information, click here: https://www.cybersecuritydive.com/news/uk-arrest-four-retail-cyberattack/752682/ =========== Welcome to the Identity Theft Resource Center's (ITRC's) Weekly Breach Breakdown for July 11, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations of the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we will take a deeper look at the works of a ransomware group that ITRC President James E. Lee discussed on the podcast just last month. We are discussing Scattered Spider attacks. Have you ever been bitten by a spider? It hurts so bad! The good news is that most spider bites are harmless. However, some are worse than others, especially black widow and brown recluse spiders. As James said in June, not all scary spiders are of the 8-legged freak. There is one that does not have eight legs and can inflict harm as nasty as a black widow or brown recluse bite. We are again discussing the ransomware group Scattered Spider, which continues to dominate the headlines and target companies. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses the recent ransomware attack on Marks & Spencer, the implications of Ingram Micro's investigation into a ransomware incident, and the lessons learned from major cyber attacks. He highlights the importance of cybersecurity measures, job opportunities in the field, and government initiatives aimed at improving cybersecurity. The conversation also explores the rise of sophisticated cyber threats, including deepfake scams and the activities of the hacker group Scattered Spider, concluding with insights into the future of cybersecurity.TakeawaysMarks & Spencer's ransomware attack was the result of social engineering.The attack involved impersonation of employees to reset passwords.Micro segmentation and multi-factor authentication could have mitigated the attack.Ingram Micro is investigating a ransomware attack that is affecting its operations.Lessons from past cyberattacks emphasize the need for software updates and ongoing training.Deepfake scams are becoming a significant threat.There are numerous job opportunities in the field of cybersecurity.Government funding for cybersecurity is crucial for rural hospitals.The SEC is settling with SolarWinds over cybersecurity failures.Organizations often overlook cybersecurity best practices.

It's been just over a week since Qantas suffered a major data breach, with cyber criminals stealing a trove of customer data from a call centre including names, email addresses and frequent flyer numbers. The reputational shellacking is one the Flying Kangaroo certainly didn't need, but has the backlash been fair, and what has Qantas been doing to protect customers in the wake of the attack? Adam and Jake are joined by special guest David Hollingworth from Cyber Daily to discuss the impact and aftermath of the hack, and how you can protect your data. Plus, Huey Award laureate Hinterland Aviation is up for sale – who might snap up the much-loved regional carrier?

President Trump publicly released tariff letters to around a dozen countries—including Japan, South Korea, Thailand, and Indonesia—warning they'll face import taxes of at least 25% starting August 1 unless they finalize new trade deals. Meanwhile, a California National Guard deployment to an empty park in LA drew backlash as a political stunt, while Customs and Border Protection issued a call for advanced surveillance tech to analyze seized digital devices. Cybersecurity experts raised alarms over Scattered Spider, a hacker group targeting U.S. infrastructure using phishing and impersonation tactics. The DOJ and FBI released a memo denying any Epstein “client list” or foul play in his prison death—despite past contradictions—including new (but suspect) footage. Physician groups are suing HHS Secretary RFK Jr. over new federal COVID vaccine recommendations, and the Trump administration says a U.S.-friendly version of TikTok is on track to launch September 5 as part of a deal to avoid a full ban. Resources/Articles mentioned in this episode: NYT: Here Are Trump's New Tariff Threats  AP News: Troops and federal agents briefly descend on LA's MacArthur Park in largely immigrant neighborhood Wired: CBP Wants New Tech to Search for Hidden Data on Seized Phones Wired: A Group of Young Cybercriminals Poses the ‘Most Imminent Threat' of Cyberattacks Right Now Axios: Exclusive: DOJ, FBI conclude Epstein had no "client list," died by suicide Axios: Docs sue RFK Jr. over COVID vax policy changes  The Verge: TikTok's ‘ban' problem could end soon with a new app and a sale  Morning Announcements is produced by Sami Sage and edited by Grace Hernandez-Johnson Learn more about your ad choices. Visit megaphone.fm/adchoices

Got a question or comment? Message us here!In this episode, our security engineers break down the latest cybersecurity headlines, from the real scoop behind the “16 billion password” leak to the rise of hacker groups like Scattered Spider.

According to Bleeping Computer, hackers associated with "Scattered Spider" tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors. In this episode, host Amanda Glassner is joined by Heather Engel, Managing Partner at Strategic Cyber Partners, to discuss. To learn more about today's stories, visit https://cybercrimewire.com • For more on cybersecurity, visit us at https://cybersecurityventures.com.

In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robots.txt. I discuss why the “assume breach” mentality just leaves the doors wide open, using examples from Kevin Mitnick's 1981 Pacific Bell infiltration to modern ransomware groups like Scattered Spider who breached MGM and Marks & Spencer through social engineering.I also cover practical tactics for using public Wi-Fi, data curation techniques, the invisible surveillance net including Stingray devices, and provide a deep dive into GrapheneOS covering user profiles, app sandboxing, network controls, sensor permissions, and the proper use of sandboxed Google Play services.In this week's episode:Ghost in the Source Capture the Flag challenge resultsThe military mindset problem in cybersecurityStrategic use of public Wi-Fi for account creation and privacy techniquesData curation tactics, and “Minimizing What Can Be Known”Invisible surveillance net and Stingray devicesGrapheneOS discussion on user profiles, app sandboxing, network controls, sensors permissions, sandboxed Google Play services, and security architectureMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Noam Chomsky on Internet Privacyhttps://www.youtube.com/watch?v=QIWsTMcBrjQNoam Chomsky on Advertising - https://www.youtube.com/watch?v=PfIwUlY44CMTryHackMe Platform - https://tryhackme.comHack the Box - https://hackthebox.comWired Article on DNC Stingray Surveillance - https://www.wired.com/story/2024-dnc-cell-site-simulator-phone-surveillance/IntelTechniques Data Removal Guide - https://inteltechniques.com/workbook.htmlOptery Data Broker Removal - https://optery.comGraphene OS - https://grapheneos.org“We're dragons. We're not supposed to live by other people's rules.”- Hajime Ryudo ★ Support this podcast on Patreon ★

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠Dave Bittner⁠⁠, ⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, as Joe shares with us a complaint he has with Vanguard. Maria's story is on McAfee's latest research revealing that one in five Americans has fallen for a travel scam—often losing hundreds of dollars—despite many trying to stay vigilant, as scammers use fake websites, AI-altered photos, and phishing links to exploit deal-seeking travelers. Joe's got two stories this week: the first one is from Rachel Tobac on LinkedIn, breaking down how attackers like Scattered Spider are using phone-based impersonation, fake domains, and social engineering to breach insurance companies, and the second is on Aflac confirming it was hit in a cyberattack believed to be part of a broader campaign targeting the insurance sector, likely tied to the same threat group. Dave's story is on brushing scams, a scheme the United States Postal Service is warning about, where scammers send unordered packages—often low-cost items—to people's addresses so they can fraudulently post fake “verified” reviews online using the recipient's name and address to boost product rankings. Our catch of the day is from the scams sub-Reddit, where someone shared text messages from a scammer asking for only a small favor. Complete our annual audience survey before August 31. Resources and links to stories: New McAfee Report Finds Young Adults Fall for Travel Scams More Often Than Older Generations Rachel Tobac LinkedIn Aflac Latest Insurer to Suffer Cyberattack and Data Breach Brushing Scam - Unexpected Package US Postal Inspection Service ⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Chris and Hector dive deep into the latest waves of cybercrime, from the FBI's battle with the Scattered Spider group targeting airlines, to takedowns of notorious data breach forums. The duo break down government responses, the real risks for average people, and share honest, hard-won advice for young hackers. Join our new Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

Three Buddy Problem - Episode 52: Fresh intelligence reports out of Europe and China: France's ANSSI documents a string of Ivanti VPN zero-days ('Houken'), and Quanxin frames a stealth Microsoft Exchange-zero-day chain linked to a North American 'Night Eagle' threat actor. We dissect the technical bread-crumbs, questions the attribution math, and connects Houken to SentinelOne's “Purple Haze” research. Plus, the FBI's claim that China's “Salt Typhoon” has been “contained,” Iran's Nobitex crypto-exchange breach (Predatory Sparrow torches $90 million and leaks the source code), Iranian cyber capabilities and sanctions avoidance. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Drex covers three critical cybersecurity developments: Expo's groundbreaking AI-powered penetration testing system dominates HackerOne with over 1,000 vulnerabilities found, Microsoft redesigns the iconic Blue Screen of Death after 40 years, and the Scattered Spider ransomware group pivots from insurance to airline industry attacks using advanced social engineering and deepfakes.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Airbnb is piloting a “Reserve Now, Pay Later” feature in the U.S. and Canada to help guests book stays without upfront payments, aiming to boost affordability while keeping hosts protected under existing cancellation policies. Meanwhile, the U.S. Senate has advanced a budget bill allocating $12.5 billion to modernize air traffic control infrastructure, including consolidating radar and traffic control facilities, as part of broader reform efforts. Finally, Hawaiian Airlines, WestJet, and Qantas have reported cyberattacks ahead of the busy Fourth of July travel weekend, with the FBI attributing the incidents to the hacking group Scattered Spider. Airbnb Tests 'Reserve Now, Pay Later' Senate Bill Has $12.5 Billion for Air Traffic Reform: Here's the Breakdown Airlines Hit by Cyber Attacks: Here's What to Know Connect with Skift LinkedIn: ⁠⁠⁠https://www.linkedin.com/company/skift/⁠⁠⁠ WhatsApp: ⁠⁠⁠https://whatsapp.com/channel/0029VaAL375LikgIXmNPYQ0L/⁠⁠⁠ Facebook: ⁠⁠⁠https://facebook.com/skiftnews⁠⁠⁠ Instagram: ⁠⁠⁠https://www.instagram.com/skiftnews/⁠⁠ ⁠⁠⁠⁠⁠Threads: ⁠⁠⁠https://www.threads.net/@skiftnews⁠⁠⁠ Bluesky: ⁠⁠⁠https://bsky.app/profile/skiftnews.bsky.social⁠⁠⁠ X: ⁠⁠⁠https://twitter.com/skift⁠⁠⁠ Subscribe to ⁠⁠⁠@SkiftNews⁠⁠⁠ and never miss an update from the travel industry.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Australian airline Qantas looks like it got a Scattered Spider-ing Microsoft works towards blunting the next CrowdStrike disaster Changes are coming for Microsoft's default enterprise app consenting setup Synology downplays hardcoded passwords for its M365 cloud backup agent The next Citrix Netscaler memory disclosure looks nasty Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses This week's episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments. This episode is also available on Youtube. Show notes Qantas hit by cyber attack, leaving 6 million customer records at risk of data breach Scattered Spider appears to pivot toward aviation sector | Cybersecurity Dive Microsoft to make Windows more resilient following 2024 IT outage | Cybersecurity Dive (384) The Ultimate Guide to App Consent in Microsoft Entra - YouTube When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365" / modzero AT&T deploys new account lock feature to counter SIM swapping | CyberScoop Iran-linked hackers threaten to release Trump aides' emails | Reuters US government warns of new Iran-linked cyber threats on critical infrastructure | Cybersecurity Dive Actively exploited vulnerability gives extraordinary control over server fleets - Ars Technica Critical vulnerability in Citrix Netscaler raises specter of exploitation wave | Cybersecurity Dive Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams | WIRED Cloudflare confirms Russia restricting access to services amid free internet crackdown | The Record from Recorded Future News Mexican drug cartel used hacker to track FBI official, then killed potential FBI informants, government audit says | CNN Politics Audit of the FBI's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - Redacted Report NATO members aim for spending 5% of GDP on defense, with 1.5% eligible for cyber | The Record from Recorded Future News US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations | CyberScoop US, French authorities confirm arrest of BreachForums hackers | TechCrunch Spanish police arrest five over $542 million crypto investment scheme | The Record from Recorded Future News Scam compounds labeled a 'living nightmare' as Cambodian government accused of turning a blind eye | The Record from Recorded Future News

The fire that caused the chaotic shutdown of Heathrow airport in March was likely caused by a “catastrophic” failure of a crucial component at an electricity substation that should have been prevented, Britain's National Energy System Operator (NESO) said in a report on the incident on Wednesday.Also in this episode:Composer and violinist Ellie Wilson on her immersive melody to highlight the fragility of ecosystems under threat from climate change and habitat loss. The 12-minute track is titled Moth X Human and has been made in collaboration with the UK Centre for Ecology and Hydrology.The FBI have warned that cyber gang, Scattered Spider, are now thought to be targeting the airline industry.E1 Series powerboats make London debut with spectacular display on the Thames.England's warmest June on record and the UK's second warmest temperatures since 1884.Europe's heatwave: the Eiffel Tower shuts its top level, forest fires, and soaring 45+ degree temperatures are recorded in parts of the continent.UK watchmaker gives back time to those who need mental health support.Superman soars 1,000ft over The Shard. Hosted on Acast. See acast.com/privacy for more information.

Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-490

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• The GRIP is one year old and to celebrate, we're running an anniversary sale!!• Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!• (TLP:CLEAR) Hostile Nation States Employing Non-State Actors• Surge in MOVEit Transfer Scanning Could Signal Emerging Threat Activity• ‘Suspended animation': US government upheaval has frayed partnerships with critical infrastructure• Short-term extension of expiring cyber information-sharing law could be on the table• Gate 15 is excited to offer a low-cost ransomware resilience exercise for executives! Contact us today for more information on this great opportunity!Main Topics:Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors. Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk. At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. Beazley Report: U.S. Executives Misjudge Their Cyber Preparedness. U.S.-based executives feel more prepared to counter cyber threats, potentially indicating a false sense of security because many companies lack the ability to be adequately preparedness, according to a new report from specialist insurer Beazley. According to the report, Spotlight on Tech Transformation & Cyber Risk 2025, the perception of cyber resilience rose to 81% from 73% a year ago. Hostile Events:• A violent ambush in Idaho leaves 2 firefighters dead and 1 injured. What to know about the attack• Suspect Identified in Deadly Ambush of Idaho Firefighters• Chilling ‘coincidence' of Idaho shooting sends internet sleuths into overdrive• Gunman started Idaho blaze and then fatally shot 2 firefighters in ambush attack, officials say• Here's a timeline of how the Canfield Mountain ambush shooting unfolded• Multiple firefighters reportedly shot while responding to fire near Coeur d'Alene• Europol: New report - major developments and trends on terrorism in Europe in 2024Quick Hits:• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 • Over 1,200 Citrix servers unpatched against critical auth bypass flaw• The State of Ransomware 2025• Scattered Spider hackers shift focus to aviation, transportation firms • Scattered Spider's Calculated Path from CFO to Compromise • M&S fashion rivals ‘benefited from its pause on online orders after cyber-attack' • Ransomware attack contributed to patient's death• Canada orders Chinese CCTV biz Hikvision to quit the country ASAP• FBI PSA - Criminals Posing as Legitimate Health Insurers and Fraud Investigators to Commit Health Care Fraud• 50 Customers of French Bank Hit by Insider SIM Swap Scam; An intern at Société Générale is believed to have facilitated the theft of more than EUR1mn (USD1.15mn) from the bank's customers.• State of CPS Security 2025: Building Management System Exposures • H1 2025 Crypto Hacks and Exploits: A New Record Amid Evolving Threats

Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-490

Today on the Security Squawk Podcast: We're diving into a high-impact lineup of cyber threats and breaches shaking up industries from healthcare to aviation: Aflac Breach – Social Security numbers, health claims, and personal data compromised. ✈️ FBI Alert: 'Scattered Spider' cybercrime gang now targeting major U.S. airlines. Hawaiian Airlines hit by a cyberattack—what it means for travelers. ️ Hungryroot Breach – Over 1.1 million user records reportedly up for sale on the dark web. Tenacious Marketing USA – 414,000 records exposed. Another day, another marketing firm breached. ️ Hosted by Bryan Hornung, Reginald Andre, and Randy Bryan, this episode delivers real-world analysis, breach breakdowns, and what your business should be doing right now to stay protected. Join us live. Ask questions. Stay ahead. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...

Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-490

CISA warns organizations of potential cyber threats from Iranian state-sponsored actors.Scattered Spider targets aviation and transportation. Workforce cuts at the State Department raise concerns about weakened cyber diplomacy. Canada bans Chinese security camera vendor Hikvision over national security concerns.Cisco Talos reports a rise in cybercriminals abusing Large Language Models. MacOS malware Poseidon Stealer rebrands.Researchers discover multiple vulnerabilities in Bluetooth chips used in headphones and earbuds. The FDA issues new guidance on medical device cybersecurity. Our guest is  Debbie Gordon, Co-Founder of Cloud Range, looking “Beyond the Stack - Why Cyber Readiness Starts with People.” An IT worker's revenge plan backfires. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, Debbie Gordon, Co-Founder of Cloud Range, shares insights on looking “Beyond the Stack - Why Cyber Readiness Starts with People.” Learn more about what Debbie discusses in Cloud Range's blog: Bolstering Your Human Security Posture. You can hear Debbie's full conversation here. Selected Reading CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment (CISA) Joint Statement from CISA, FBI, DC3 and NSA on Potential Targeted Cyber Activity Against U.S. Critical Infrastructure by Iran (CISA, FBI, DOD Cyber Crime Center, NSA)  Prolific cybercriminal group now targeting aviation, transportation companies (Axios) U.S. Cyber Diplomacy at Risk Amid State Department Shakeup (GovInfo Security) Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns (Infosecurity Magazine) Malicious AI Models Are Behind a New Wave of Cybercrime, Cisco Talos (Hackread) MacOS malware Poseidon Stealer rebranded as Odyssey Stealer (SC Media) Airoha Chip Vulnerabilities Expose Headphones to Takeover (SecurityWeek) FDA Expands Premarket Medical Device Cyber Guidance (GovInfo Security) 'Disgruntled' British IT worker jailed for hacking employer after being suspended (The Record) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Scattered Spider Update The threat actor known as Scattered Spider is in the news again, this time focusing on airlines. But the techniques used by Scattered Spider, social engineering, are still some of the most dangerous techniques used by various threat actors. https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-recommendations?e=48754805 AMI BIOS Vulnerability Exploited CVE-2024-54085 A vulnerability in the Redfish remote access software, including AMI s BIOS, is now being exploited. https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf https://eclypsium.com/blog/ami-megarac-vulnerabilities-bmc-part-3/ Act now: Secure Boot certificates expire in June 2026 The Microsoft certificates used in Secure Boot are the basis of trust for operating system security, and all will be expiring beginning June 2026. https://techcommunity.microsoft.com/blog/windows-itpro-blog/act-now-secure-boot-certificates-expire-in-june-2026/4426856 The Windows Resiliency Initiative: Building resilience for a future-ready enterprise Microsoft announced more details about its future security and resilience strategy for Windows. In particular, security tools will no longer have kernel access, which is supposed to prevent a repeat of the Cloudflare issue, but may also restrict security tools functionality. https://blogs.windows.com/windowsexperience/2025/06/26/the-windows-resiliency-initiative-building-resilience-for-a-future-ready-enterprise/

In today's episode of Cybersecurity Today, hosted by David Shipley, a report from the US Department of Justice unveils how criminal organizations use Ubiquitous Technical Surveillance (UTS) to track and kill FBI informants. Hawaiian Airlines experiences a cyber attack, potentially involving ransomware. The Supreme Court upholds Texas's age verification law for accessing online pornographic content. Additionally, researchers discover Bluetooth vulnerabilities affecting various audio devices, posing eavesdropping risks. The show discusses Scattered Spider's successful social engineering attacks on major industries, emphasizing the need for robust cybersecurity measures. 00:00 Introduction to Cybersecurity Threats 00:27 Ubiquitous Technical Surveillance: A Growing Threat 02:33 Assassination Linked to Data Brokers 04:21 Cyber Attacks on Airlines 05:02 Scattered Spider: The Prolific Cyber Threat 08:10 Bluetooth Vulnerabilities Exposed 10:53 US Supreme Court Upholds Texas Porn ID Law 13:32 Conclusion and Contact Information

In this episode of the Other Side of the Firewall podcast, hosts Ryan Williams Sr., Shannon Tynes, and Chris Abacon discuss the latest cybersecurity news, focusing on the FBI's warning about two-factor authentication bypass attacks by a group called Scattered Spider. They explore the tactics used by this group, the implications for cybersecurity, and the need for more secure authentication methods. The conversation highlights the ongoing challenges in the cybersecurity landscape and the cyclical nature of cybercrime and law enforcement responses. Article: FBI Warning Issued As 2FA Bypass Attacks Surge — Get Prepared https://www.forbes.com/sites/daveywinder/2025/06/30/fbi-warning-issued-as-2fa-bypass-attacks-surge---act-now/ Preorder the guide: theothersideofthefirewall.com Socials: Website - www.ramcyber.io Heroes Media Group: https://www.heroesmediagroup.com/shows/the-other-side-of-the-firewall/ Audio - https://podcasts.apple.com/us/podcast/the-other-side-of-the-firewall/id1542479181 YouTube - https://www.youtube.com/@theothersideofthefirewall7511 ReppedFLIX - https://lnkd.in/eVis2CbS WDJY 99.1 FM: https://www.wdjyfm.com/ TuneIn: https://lnkd.in/e2crcZU8 Facebook - https://www.facebook.com/profile.php?id=61556539026086 Instagram - https://www.instagram.com/theothersideofthefw X (Twitter) - https://twitter.com/Ask_a_CISSP TikTok - https://www.tiktok.com/@ryanwilliams683 Medium - https://medium.com/@ryanwilliamssenior Subscribe to LinkedIn Newsletter - https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7172626552545865728 LinkedIn - https://www.linkedin.com/company/the-other-side-of-the-firewall/ Ryan on Twitter, LinkedIn, Clubhouse, and Threads - @ryrysecurityguy Chris on LinkedIn - https://www.linkedin.com/in/chrisabacon/ Chapters 00:00 Introduction to Cybersecurity and the Podcast 01:23 FBI Warning on Two-Factor Authentication Bypass 03:49 Scattered Spider: The New Threat in Cybersecurity 07:42 The Future of Authentication: Moving Beyond Passwords 08:50 The Lucrative World of Cybercrime #cybersecurity #scatteredspiders #mfa

The Scattered Spider group targets the aviation sector, Russia throttles traffic from Cloudflare, a Mexican cartel hired hackers to track an FBI official, and Canada tells Hikvision to cease operations. Show notes

Drex covers three critical cybersecurity developments: Scattered Spider's shift to targeting insurance companies including Erie Insurance, Philadelphia Insurance, and Aflac using advanced social engineering tactics; escalating Iran-related cyber threats to US critical infrastructure amid Middle East tensions; and a massive dark web leak exposing 1.6 billion login credentials. Don't miss these actionable security recommendations including reviewing password reset processes, implementing strong authentication measures, and preparing for potential nation-state attacks on healthcare infrastructure.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A new malware strain known as OtterCookie, developed by the North Korean APT group Lazarus, has been dissected in a detailed technical analysis by offensive security expert Mauro Eldritch. Attackers are currently exploiting a critical vulnerability in the Langflow platform — an open-source Python-based web app used to build AI workflows and agents — to deliver a new botnet called Flodrix.A new campaign from an emerging threat group named Water Curse is targeting the software supply chain by leveraging GitHub repositories that masquerade as legitimate security tools. The threat actor known as Scattered Spider, also tracked as UNC3944 by Google and Mandiant, has apparently shifted its operational focus from the retail sector to the US insurance industry, according to a new alert from Google's Threat Intelligence Group.

The Monday Microsegment for the week of June 23rd. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.U.S. officials warn of cyber blowback in the wake of airstrikes on Iran.The largest-ever trove of stolen passwords resurfaces online.And if it walks like a duck and quacks like a duck, it might be the latest attack by Scattered Spider.Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Welcome back to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown, supported by Sentilink. I'm James E. Lee, the ITRC's President, and this is the episode for June 20, 2025. Happy first day of summer! Each week, we take a look at the latest news and trends related to data security and privacy. This week, we're going to talk about a heads-up being issued by cyber threat researchers. However, we're going to swerve into the rapidly changing cybersecurity policy landscape and ransomware group Scattered Spider – just for fun. If you ask an artificial intelligence bot how many people in the U.S. are afraid of spiders, it will tell you that up to 50 million people suffer from arachnophobia. I'm not one of them, but I'm close. With that said, not all scary spiders are of the 8-legged freak. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

On this week's show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the week's cybersecurity news. They talk through: Israeli “hacktivists” take out an Iranian state-owned bank Scattered-spider and friends pivot into attacking insurers Securing identities in a cloud-first world keeps us awake at night Microsoft takes the “aas” out of SaaS for Europe, leaving us with just software! An AI prompt injection into M365 exfils corporate data This week's episode is sponsored by Kroll's Cyber practice. Kroll Cyber Associate Managing Director George Glass is based in London and talks through his experiences helping organisations in the UK deal with the Scattered Spider attacks. This episode is also available on Youtube. Show notes Iran's Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group | CyberScoop Iran orders officials to ditch connected devices Heightened Cyberthreat Amidst Israel-Iran Conflict Threat group linked to UK, US retail attacks now targeting insurance industry | Cybersecurity Dive Coming to Apple OSes: A seamless, secure way to import and export passkeys - Ars Technica Cyberattack on Washington Post Compromises Email Accounts of Journalists Hackers impersonating US government compromise email account of prominent Russia researcher | The Record from Recorded Future News A good one to talk to Chris about: Breaking down ‘EchoLeak', the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws | Cybersecurity Dive Whole Foods supplier making progress on restoration after cyberattack left shelves empty | The Record from Recorded Future News Ransomware attack on ticketing platform upends South Korean entertainment industry | The Record from Recorded Future News Advisory: Cybersecurity incident

In this episode, host Jim Love delves into recent cybersecurity threats and breakthroughs. The notorious Scattered Spider hacker group has shifted its focus to US insurance companies after attacking UK retailers earlier this year.  Microsoft's urgent security updates address active zero-day vulnerabilities that allow complete system control. Researchers uncovered an unprotected database exposing 184 million plaintext passwords linked to major platforms. Additionally, musician Beardly Jordan has developed 'Poison Deify,' a technology to protect his music from unauthorized AI scraping by embedding adversarial noise that disrupts machine learning algorithms. These developments highlight the evolving cybersecurity landscape, from coordinated cyber-attacks to innovative countermeasures against AI exploitation. For further details and to engage with the content, listeners are encouraged to visit technewsday.ca. 00:00 Introduction and Headlines 00:30 Scattered Spider Targets US Insurance Companies 02:26 Microsoft Urges Immediate Windows Updates  04:15 Massive Database Breach Exposes 184 Million Passwords 06:59 Musician Strikes Back at AI with Audio Poison Pill 10:07 Implications for Cybersecurity 10:37 Conclusion and Listener Engagement

AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486

AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486

Joe Tidy is a BBC cybersecurity correspondent, covering hacking, data security, and online safety. Many have either fallen victim personally to a cyberattack or know someone who has. But what exactly is this growing threat? Who's behind it, why are they doing it, and, most importantly, how can you protect yourself? Expect to learn what Scattered Spider is, if teenage hackers are the new digital cartel and why Russia is such a hotbed for hacking, when cyber security attacks will be treated as an act of war, the wild story of the hacker Julius Kivimäki, the fallout from the crowd strike attack the put the world on standstill, if regulation of the dark web and crypto economy will ever evolve past what it is today, and much more… Sponsors: See discounts for all the products I use and recommend: https://chriswillx.com/deals Get 35% off your first subscription on the best supplements from Momentous at https://livemomentous.com/modernwisdom Get the brand new Whoop 5.0 at https://join.whoop.com/modernwisdom Get a 20% discount & free shipping on Manscaped's shavers at https://manscaped.com/modernwisdom (use code MODERNWISDOM20) Extra Stuff: Get my free reading list of 100 books to read before you die: https://chriswillx.com/books Try my productivity energy drink Neutonic: https://neutonic.com/modernwisdom Episodes You Might Enjoy: #577 - David Goggins - This Is How To Master Your Life: https://tinyurl.com/43hv6y59 #712 - Dr Jordan Peterson - How To Destroy Your Negative Beliefs: https://tinyurl.com/2rtz7avf #700 - Dr Andrew Huberman - The Secret Tools To Hack Your Brain: https://tinyurl.com/3ccn5vkp - Get In Touch: Instagram: https://www.instagram.com/chriswillx Twitter: https://www.twitter.com/chriswillx YouTube: https://www.youtube.com/modernwisdompodcast Email: https://chriswillx.com/contact - Learn more about your ad choices. Visit megaphone.fm/adchoices

Bovril, Deranged Hookworm, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-482