Premium Domain Names for Sale at CrocoDom.com
Scattered Spider is as active as ever, despite authorities claiming that they’re close to nailing its members.
May 14, 2024
Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them.
A game of cops and robbers is playing out between the FBI and Scattered Spider (aka UNC3944, 0ktapus, Roasted Oktapus, Scatter Swine, Octo Tempest, Muddled Libra), the cybercrime outfit a la mode, ever since its high-profile attacks against MGM Resorts and Caesars Entertainment. If recent rumblings are to be believed, the future of the group might well be determined in short course.
On one side, Brett Leatherman, the FBI’s cyber deputy assistant director, told reporters in various interviews at RSAC 2024 about the agency’s plans to bring charges against members of Scattered Spider, primarily under the well-worn Computer Fraud and Abuse Act.
And yet, clearly, Scattered Spider hasn’t felt that pressure coming. In recent months it has only expanded its scope, with attacks targeting industries as broad as retail, food services, and video games.
In just the past few weeks, the group compromised at least 29 companies in the finance and insurance industries, according to research from Resilience. An anonymous researcher told Bloomberg that among those targeted were household names like Visa, PNC, Transamerica, and New York Life Insurance Co., though they didn’t reveal which of those organizations in particular had failed to stop their attackers.
This latest campaign has had some of the usual hallmarks of Scattered Spider attacks: lookalike domains mimicking organizations’ Okta and content management system (CMS) sign-on pages, with the potential for follow-on SIM swap attacks that leak sensitive corporate data. There was a notable efficiency to the attacks as well, with Scattered Spider swiftly deploying its infrastructure and conducting its attacks in only a few hours’ time.
The effects of law enforcement interventions into cybercrime often are found in the finer details: the confidence that affiliates lose in brand-name groups, the power vacuums that result, and the looming threat to anyone who dares take their place.
There’s little evidence that major takedowns of infrastructure, or even arrests here and there, take significant numbers of criminals off the web. The keyboard warrior is a shifty species that’s tough to find and pin down, and tends to reconstitute in new forms after brief periods of disruption. Worse is when they reside in parts of the world where law enforcement isn’t equipped or inclined to help out Western authorities.
The rub with Scattered Spider is that it’s distinctly not foreign. Its members are thought to be primarily young people in the US and the UK. If ever there were a hacking operation the FBI could wipe out, full stop, it would be this one.
But taking out a major hacking operation is not a simple job, says former FBI cyber special agent Adam Marrè, now chief information security officer (CISO) at Arctic Wolf. “It’s about making sure you can prove all the elements of a crime, and prove it to such a degree that you can get good penalties that will be punitive and discourage others from doing the same thing. It takes a while to build a case like that,” he explains.
To achieve that, he continues, “They’re going to be doing everything from getting informants, or possibly undercovers, into online forums where they can talk to perpetrators whose guard might be down. It’s also going to be important for them to collect evidence from victim companies that can be then used to attribute the actions of these actors. The most difficult part is always attribution, so being able to show who was behind the keyboard when that happened takes all the investigative techniques that they have at their disposal.”
Because ironclad attribution is so crucial, and because it’s so elusive, the openness and cooperation of targeted organizations may prove the difference in bringing bad guys to justice.
“I’m always an advocate that, during peacetime, when you’re not attacked, you should still go talk to your local authorities,” Marrè emphasizes. “Find out who they are, find out what numbers you can call, so that you know these folks when bad things happen. And then, possibly, you can have an effect on the whole cybercrime industry, lessening the likelihood that these things will happen to other people.”
Nate Nelson, Contributing Writer
Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes “Malicious Life” — an award-winning Top 20 tech podcast on Apple and Spotify — and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts “The Industrial Security Podcast,” the most popular show in its field.
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
Finding Your Way on the Path to Zero Trust
Extending Access Management: Securing Access for all Identities, Devices, and Applications
Assessing Software Supply Chain Risk
Preventing Attackers From Wandering Through Your Enterprise Infrastructure
Black Hat USA – August 3-8 – Learn More
Cybersecurity’s Hottest New Technologies: What You Need To Know
2023 Global Threat Report
EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity
Industrial Networks in the Age of Digitalization
Zero-Trust Adoption Driven by Data Protection
How Enterprises Assess Their Cyber-Risk
Generative AI Gifts
5 Essential Insights into Generative AI for Security Leaders
Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022
A Short Primer on Container Scanning
Cisco Panoptica for Simplified Cloud-Native Application Security
Black Hat USA – August 3-8 – Learn More
Cybersecurity’s Hottest New Technologies: What You Need To Know
Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.
source
Premium Domain Names:
A premium domain name is a highly sought-after domain that is typically short, memorable, and contains popular keywords or phrases. These domain names are considered valuable due to their potential to attract more organic traffic and enhance branding efforts. Premium domain names are concise and usually consist of one to two words or two to four individual characters.
Top-Level Domain Names for Sale on Crocodom.com:
If you are looking for top-level domain names for sale, you can visit Crocodom.com. Crocodom.com is a platform that offers a selection of domain names at various price ranges. It is important to note that the availability of specific domain names may vary, and it’s recommended to check the website for the most up-to-date information.
Contact at crocodomcom@gmail.com:
If you have any inquiries or need assistance regarding the domain names available on Crocodom.com, you can reach out to them via email at crocodomcom@gmail.com. Feel free to contact them for any questions related to the domain names or the purchasing process.
Availability on Sedo.com, Dan.com, and Afternic.com:
Apart from Crocodom.com, you can also explore other platforms like Sedo.com, Dan.com, and Afternic.com for available domain names. These platforms are popular marketplaces for buying and selling domain names. Each platform may have its own inventory of domain names, so it’s worth checking multiple sources to find the perfect domain name for your needs.
#PremiumDomains #DomainInvesting #DigitalAssets #DomainMarketplace #DomainFlipping #BrandableDomains #DomainBrokers #DomainAcquisition #DomainPortfolio #DomainIndustry #DomainAuctions #DomainInvestors #DomainSales #DomainExperts #DomainValue #DomainBuyers #DomainNamesForSale #DomainBrand #DomainInvestment #DomainTrading
+ There are no comments
Add yours