Microsoft Updates Defenses as Scattered Spider Cyber Gang Steps Up Attacks

Microsoft has announced targeted updates across its Defender and Sentinel cybersecurity platforms to help customers defend against the rapidly evolving tactics of the Scattered Spider cybercrime group.

Known in Microsoft's threat telemetry as 'Octo Tempest', Scattered Spider has escalated its activities in recent months, shifting its targets across sectors including UK retail, insurance, and, most recently, aviation. Notably, the group has become more adaptive in its attack methods, which frequently include social engineering, user impersonation, phishing via SMS, and leveraging advanced tools such as ngrok, Chisel, and AADInternals. Their goal is often to gain access and exfiltrate sensitive data for extortion and ransomware attacks.

Recent observations show the group increasingly using DragonForce ransomware, especially against VMware ESX hypervisor environments. Unlike prior attacks focusing first on cloud identities, Scattered Spider now targets both on-premise accounts and infrastructure early in their campaigns, then moves to cloud resources. Microsoft's security teams stress that the group tends to concentrate on one industry for weeks or months before moving to new targets.

In response, Microsoft has upgraded Defender's threat detection across endpoints, identities, cloud applications, email, and collaboration tools. Attack disruption features now use advanced intelligence and AI-powered models to contain threats faster. If an account is compromised, Defender can disable it and revoke all active sessions to prevent further access.

Additional enhancements include improved hunting tools to help organizations identify high-value individuals at risk of social engineering attempts before an attack begins. Analysts using Microsoft Defender XDR and Sentinel can now query data more deeply and use new exposure management capabilities, including guidance on Scattered Spider's tactics, to strengthen defenses.

These steps come as the gang's attacks have been linked to significant incidents across well-known retailers, airlines, and insurance companies, demonstrating the need for constant vigilance and adaptive security tools.
