image credit: unsplash
As you may have read in our November Ransomware Review, Scattered Spider is a relatively new, albeit dangerous, ransomware gang who made headlines in September for attacking MGM Resorts and Caesar Entertainment. For small security teams, one of the most important findings about the group is their use of Living Of The Land (LOTL) techniques to avoid detection: Scattered Spider aka Octo Tempest employs everyday tools like PowerShell for reconnaissance and stealthily alters network settings to bypass security measures. They also exploit identity providers and modify security systems, blending their malicious activities with normal network operations.
Comments are closed.
