Microsoft has introduced targeted improvements to its Defender and Sentinel cybersecurity tools to protect customers against the Scattered Spider gang's evolving techniques. Active since April, Scattered Spider has launched disruptive attacks on UK retail and shifted focus to insurance and aviation sectors. The gang employs various methods, including social engineering and impersonation tactics. Notably, it has begun using DragonForce ransomware and targeting VMware ESX environments while altering its approach to access both on-premises and cloud infrastructures during attacks.
Microsoft has rolled out a series of targeted enhancements across its Defender and Sentinel cyber security ecosystem designed to help its customers guard against the possibility of falling victim to Scattered Spider as the cyber gang continues to evolve its playbook.
Scattered Spider, referred to in Microsoft's threat telemetry as Octo Tempest, ramped up the pace of its activity in April and May with disruptive attacks aimed at UK high street retailers.
Collection
[
|
...
]