Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack

The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. [TechWeb]( Follow Dark Reading: [RSS]( November 27, 2023 LATEST SECURITY NEWS & COMMENTARY [Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack]( The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. [Rootkit Turns Kubernetes From Orchestration to Subversion]( Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. [Fake Browser Updates Targeting Mac Systems With Infostealer]( A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. [Researchers Undermine 'Windows Hello' on Lenovo, Dell, Surface Pro PCs]( Biometric security on PCs isn't quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with. [Web Shells Gain Sophistication for Stealth, Persistence]( A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal. [Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions]( The Israel-Gaza conflict could expose the region's oil and gas operations to renewed cyberattacks, with global ramifications. [3 Ways to Stop Unauthorized Code From Running in Your Network]( As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code. [Idaho National Nuclear Lab Targeted in Major Data Breach]( The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy. [Qatar Cyber Agency Runs National Cyber Drills]( Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes. [(Sponsored Article) Sky's the Limit, but What About API Security? Challenges in the Cloud-First Era]( APIs enable cloud transformation but bring security risks, demanding robust, adaptive strategies to safeguard data and operations. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto]( Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise. [Maximize Cybersecurity Returns: 5 Key Steps to Enhancing ROI]( Cybersecurity isn't a one-time task. It's an ongoing effort that needs regular checks, updates, and teamwork. [Amid Military Buildup, China Deploys Mustang Panda in the Philippines]( China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea. [MORE]( EDITORS' CHOICE [DPRK Hackers Masquerade as Tech Recruiters, Job Seekers]( No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage. LATEST FROM THE EDGE [AI Helps Uncover Russian State-Sponsored Disinformation in Hungary]( Researchers used machine learning to analyze Hungarian media reports and found Russian narratives soured the nation's perspective on EU sanctions and arms deliveries months before the Ukraine invasion. LATEST FROM DR TECHNOLOGY [Generative AI Takes on SIEM]( IBM joins CrowdStrike and Microsoft is releasing AI models to cloud-native SIEM platforms. LATEST FROM DR GLOBAL [The Persian Gulf's March to the Cloud Presents Global Opportunities]( Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027. WEBINARS - [Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven]( In this session, you'll learn what a holistic approach to SSCS requires, including a comprehensive inventory of your supply chain, connecting risks across the development lifecycle, and leveraging code-to-runtime context to prioritize risks. We'll provide examples of "toxic combinations" between ... - [SecOps & DevSecOps in the Cloud]( Security teams today face the dual challenge of securing cloud-native applications as well as their software development processes that increasingly operate in the cloud. At the same time, attacks are rising against misconfigured cloud instances as well as a new ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( - [Everything You Need to Know About DNS Attacks]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Lasso Security Emerges From Stealth With $6M Seed Funding for Gen AI and Advanced LLM Cybersecurity]( [Netskope Delivers the Next Gen SASE Branch, Powered by Borderless SD-WAN]( [Illumio Delivers Zero-Trust Segmentation Platform With the Addition of CloudSecure]( [Malwarebytes Labs Reveals 50% Uptick in Credit Card Skimming in Advance of the Holiday Shopping Season]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Tips for a Streamlined Transition to Zero Trust]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119560&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_11.27.23&sp_cid=50699&utm_content=DR_NL_Dark%20Reading%20Daily_11.27.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#0f If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)