#unc3944 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #unc3944, aggregated by home.social.
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years https://hackread.com/scattered-spider-hacker-noah-michael-urban-jailed/ #NoahMichaelUrban #ScatteredSpider #Cybersecurity #CyberAttack #SIMSwapping #CyberCrime #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years https://hackread.com/scattered-spider-hacker-noah-michael-urban-jailed/ #NoahMichaelUrban #ScatteredSpider #Cybersecurity #CyberAttack #SIMSwapping #CyberCrime #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years https://hackread.com/scattered-spider-hacker-noah-michael-urban-jailed/ #NoahMichaelUrban #ScatteredSpider #Cybersecurity #CyberAttack #SIMSwapping #CyberCrime #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years https://hackread.com/scattered-spider-hacker-noah-michael-urban-jailed/ #NoahMichaelUrban #ScatteredSpider #Cybersecurity #CyberAttack #SIMSwapping #CyberCrime #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years – Source:hackread.com https://ciso2ciso.com/scattered-spider-hacker-noah-michael-urban-jailed-for-10-years-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #NoahMichaelUrban #ScatteredSpider #cybersecurity #CyberAttack #SIMSwapping #CyberCrime #Hackread #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years – Source:hackread.com https://ciso2ciso.com/scattered-spider-hacker-noah-michael-urban-jailed-for-10-years-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #NoahMichaelUrban #ScatteredSpider #cybersecurity #CyberAttack #SIMSwapping #CyberCrime #Hackread #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years – Source:hackread.com https://ciso2ciso.com/scattered-spider-hacker-noah-michael-urban-jailed-for-10-years-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #NoahMichaelUrban #ScatteredSpider #cybersecurity #CyberAttack #SIMSwapping #CyberCrime #Hackread #UNC3944
-
Scattered Spider Hacker Noah Michael Urban Jailed for 10 Years – Source:hackread.com https://ciso2ciso.com/scattered-spider-hacker-noah-michael-urban-jailed-for-10-years-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #NoahMichaelUrban #ScatteredSpider #cybersecurity #CyberAttack #SIMSwapping #CyberCrime #Hackread #UNC3944
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
-
From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944
#UNC3944
https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944 -
Scattered Spider hackers shift focus to aviation, transportation firms
If you work in aviation or transportation, LISTEN
- Scattered Spider is actively targeting your industry.
- They are using trycloudflare.com to deliver Chisel, a FOSS encrypted reverse proxy.
ACTION ITEMS:
- block trycloudflare.com by FQDN.
- make sure you are using IPS or app signatures on your firewalls to detect the chisel traffic.
NOTE: Chisel is encrypted, so you need to be doing full SSL inspection (TLSI) to effectively detect and block the app.
Additional Resources:
Please don't let this fuck up your 4th.
#ScatteredSpider #UNC3944 #Chisel #ChiselMalware #ThreatIntel #CyberSecurity
-
We were warned this would happen. And now here we are.
United Natural Foods ($UNFI) has had to switch off systems after a cyberattack, crippling its operations. This is a huge deal, because #UNFI is a big part of the grocery distribution network in the U.S. and Canada.
Once again, it looks like the work of #UNC3944, a/k/a #ScatteredSpider. In #SBBlogwatch, we hoard canned goods.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/06/united-natural-foods-hack-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
-
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.
-
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.
-
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.
-
CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.
-
Google Warns UK Retailer Hackers Now Targeting US https://www.securityweek.com/google-warns-uk-retailer-hackers-now-targeting-us/ #ScatteredSpider #DragonForce #Ransomware #ransomware #UNC3944 #retail #US
-
Google Warns UK Retailer Hackers Now Targeting US https://www.securityweek.com/google-warns-uk-retailer-hackers-now-targeting-us/ #ScatteredSpider #DragonForce #Ransomware #ransomware #UNC3944 #retail #US
-
Three major British retailers recently attacked, resulting in huge damage. Now we see the self-same scum spotlighting stores in the States.
Google’s Mandiant threat intelligence team issued this dire warning yesterday. The scrotes appear to be #UNC3944, a/k/a #ScatteredSpider, a casual confederacy of criminals wielding #DragonForce #ransomware.
“Shields up, U.S. retailers,” quipped Mandiant’s chief analyst. In #SBBlogwatch, we hail the Kobayashi Maru.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/05/scattered-spider-us-retail-google-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
-
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
#UNC3944
https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-recommendations -
US Charges 5 Suspected MGM Hackers from Scattered Spider Gang – Source:hackread.com https://ciso2ciso.com/us-charges-5-suspected-mgm-hackers-from-scattered-spider-gang-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #ScatteredSpider #cybersecurity #CyberCrime #Hackread #Phishing #UNC3944 #Crypto #MGM
-
US Charges 5 Suspected MGM Hackers from Scattered Spider Gang https://hackread.com/us-charges-suspected-mgm-hackers-scattered-spider/ #ScatteredSpider #Cybersecurity #CyberCrime #Phishing #UNC3944 #Crypto #MGM
-
I just finished a video on #UNC3944 aka #ScatteredSpider.
If $dayjob doesn't get it online ASAP, I'll post it here soon.
Stay tuned...
-
UNC3944 aka ‘Scattered Spider’ Shifts Focus to Data Theft from SaaS Applications https://thecyberexpress.com/unc3944-shifts-focus-to-data-theft-from-saas/ #ThreatIntelligenceNews #TheCyberExpressNews #SoftwareasaService #CybersecurityNews #SaaSApplications #AttackLifecycle #ScatteredSpider #TheCyberExpress #FirewallDaily #ThreatActors #HackerNews #Ransomware #DataTheft #Mandiant #UNC3944 #SaaS
-
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944 -
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944 -
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944 -
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944 -
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944 -
#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg
#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface
-
#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg
#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface
-
#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg
#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface
-
#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg
#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface
-
#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg
#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface
-
Cryptocurrency exchange operator Coinbase have disclosed an attempted intrusion by #UNC3944/#ScatteredSpider from early February.
The attack used SMS Phishing (#Smishing) to deliver a malicious URL that pointed to a credential harvesting campaign, but thankfully despite an employee falling for the fake login page, they hesitated when the attackers attempted to socially engineer their way past MFA protections.
UNC3944 is a highly capable actor that has only been growing in sophistication since their debut in the 0ktapus campaign of 2022, and one that every organisation should be wary of.
We've summarised the key TTP overlaps between these intrusions and provided some tips on how to enhance the resistance of your MFA solutions against social engineering and MFA fatigue attacks: https://opalsec.substack.com/p/return-of-the-0ktapus?sd=pf
#infosec #cyber #informationsecurity #cybersecurity #security #technology #soc #threatintel #threatintelligence #hacked #hacking #hacker #compromise #coinbase #crypto #cryptocurrencies