Tag Mandiant

Hackers Compromise Canadian Government Using Microsoft Vulnerability

Government, Industry Specific

Microsoft Issues Urgent Warning After SharePoint Vulnerability Breach Targeting State Actors

Chris Riotta (@chrisriotta) • August 14, 2025

A significant security breach has occurred within Canada’s House of Commons, where hackers accessed a sensitive database containing confidential office locations and personal…


Scattered Spider Compromises VMware ESXi to Launch Ransomware Against Critical U.S. Infrastructure

July 28, 2025
Cyber Attack / Ransomware

The infamous cybercrime group Scattered Spider is targeting VMware ESXi hypervisors in a series of attacks against the retail, airline, and transportation sectors in North America. According to an in-depth analysis by Google’s Mandiant team, “The group’s core tactics remain unchanged and do not depend on software exploits. Instead, they employ a strategic playbook that primarily involves phone calls to IT help desks.” The actors are described as aggressive and innovative, particularly adept at using social engineering to bypass even robust security systems. Their operations are precision-driven campaigns focused on the most critical systems and data of their victims. Also known as 0ktapus, Muddled Libra, Octo Tempest, and UNC3944, these threat actors have a track record of executing sophisticated social engineering tactics to gain initial access to target environments, subsequently employing a “living-off-the-land” (LotL) strategy by leveraging trusted administrative tools.

Scattered Spider Breaches VMware ESXi to Launch Ransomware Attacks on Critical U.S. Infrastructure

July 28, 2025

In a concerning escalation of cyber threats, the cybercriminal group known as Scattered Spider has been orchestrating targeted attacks on VMware ESXi hypervisors, primarily affecting sectors such as retail, airlines, and transportation across North…


Understanding Deepfake Vishing Attacks: How They Operate and Why Detection is Challenging

In recent developments, instances of fraudulent calls utilizing artificial intelligence to replicate familiar voices have surfaced with alarming frequency. These scams often manipulate the voice of a grandchild, colleague, or executive to convey urgent messages, compelling victims to rapidly wire money, share sensitive information, or visit harmful websites. The deceptive…


Scattered Spider Takes Advantage of VMware vSphere

Fraud Management & Cybercrime, Social Engineering

Hacking Tactics Linked to Retail and Airline Breaches

Akshaya Asokan (asokan_akshaya) • July 25, 2025

A group of adolescent cybercriminals known as Scattered Spider has recently targeted VMware hypervisors, successfully infiltrating corporate environments through Active Directory. This emerging threat landscape has led…


Microsoft Links On-Premises SharePoint Exploits to China

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management

Security Researchers Warn of Widespread Access to Exploit Code by Diverse Hacking Groups

Mathew J. Schwartz (euroinfosec) • July 22, 2025

Recent assessments indicate that hackers have been exploiting zero-day vulnerabilities in Microsoft SharePoint, primarily to…


Wiz Deal Sheds Light on Google’s Multi-Cloud Security Strategy

Cloud Security, Cloud-Native Application Protection Platform (CNAPP), Security Operations

COO Francis deSouza Discusses Google Cloud’s Initiative for Unified Multi-Cloud Security

Michael Novinson (MichaelNovinson) • July 17, 2025

Google’s recent acquisition of Wiz for $32 billion has been largely motivated by…


ICE Introduces Facial Recognition Tools for Officers’ Mobile Devices

Recent Investigative Findings on ICE Detention Centers: A Troubling Overview

This week, WIRED unveiled a persuasive investigation into the alarming state of U.S. Immigration and Customs Enforcement (ICE) detention facilities. The report, backed by numerous audio recordings and records of emergency calls, exposes a multitude of life-threatening incidents inside these…


Alerts Intensify Over Iranian Cyber Attack

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Psychological Warfare Takes Center Stage Amid Cyber Tensions

David Perera (@daveperera) • June 23, 2025

Following the recent U.S. airstrike on Iranian nuclear development sites, warnings regarding potential Iranian cyberattacks have intensified. Observations suggest that Iran may respond to ongoing…
