#unc3944 — Public Fediverse posts

SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years

https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/

#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years

https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/

#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years

https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/

#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years

https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/

#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

SIM-Swapper, Scattered Spider Hacker Gets 10 Years

https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/

#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa

Scattered Spider hackers shift focus to aviation, transportation firms

If you work in aviation or transportation, LISTEN

• Scattered Spider is actively targeting your industry.
• They are using trycloudflare.com to deliver Chisel, a FOSS encrypted reverse proxy.

ACTION ITEMS:

• block trycloudflare.com by FQDN.
• make sure you are using IPS or app signatures on your firewalls to detect the chisel traffic.

NOTE: Chisel is encrypted, so you need to be doing full SSL inspection (TLSI) to effectively detect and block the app.

Additional Resources:

• chisel repo
• CISA chisel overview
• Scattered Spider CISA Advisory

Please don't let this fuck up your 4th.

#ScatteredSpider #UNC3944 #Chisel #ChiselMalware #ThreatIntel #CyberSecurity

We were warned this would happen. And now here we are.

United Natural Foods ($UNFI) has had to switch off systems after a cyberattack, crippling its operations. This is a huge deal, because #UNFI is a big part of the grocery distribution network in the U.S. and Canada.

Once again, it looks like the work of #UNC3944, a/k/a #ScatteredSpider. In #SBBlogwatch, we hoard canned goods.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/06/united-natural-foods-hack-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg

#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface