#205: Spider-Scam!

#205: Spider-Scam!A look at the issues
͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     
Forwarded this email? Subscribe here for more
#205: Spider-Scam!
A look at the issues
Austin Miller
Jul 4 
 
READ IN APP
 
Need something to read?
This week, we're taking a look at Mastering Palo Alto Networks by Tom Piens aka 'reaper'. The book is available for a knockdown price for a limited time, so don't miss out!
Unlock the full potential of Palo Alto Networks firewalls with expert insights and hands-on strategies for mastering next-gen security:
- Master Palo Alto Networks firewalls with hands-on labs and expert guidance
- Stay up to date with the latest features, including cloud and security enhancements
- Learn how to set up and leverage Strata Cloud Manager
- Purchase of the print or Kindle book includes a free PDF eBook
Check it out in full!
Welcome to another _secpro!
It's been a busy few weeks for those of us wrestling with Scattered Spider. Over the past two weeks, the hacker group (also tracked as UNC3944 or Muddled Libra) has ramped up attacks across major industries. They’ve been using social-engineering tricks—ringing up help desks or call centers, pretending to be employees and convincing staff to reset or add MFA devices. That’s the pathway they use to slip past security, move through networks, and grab sensitive data or deploy ransomware.
UK retail giants like M&S, Harrods, and Co‑Op have been hit in a wave of attacks, causing disruptions and steep financial losses. They quickly pivoted to U.S. insurance firms, and this week they’ve focused on aviation. At least Hawaiian Airlines and WestJet reported IT system incidents in late June, and most recently Qantas confirmed a breach of a third-party contact‑center platform tied to Scattered Spider tactics. That incident potentially exposed personal data of up to six million customers—names, emails, birthdates and frequent-flyer numbers—though no passports or credit card details were taken.
Thanks for reading! Subscribe and you won’t miss out on premium articles, podcasts, templates, and more!
Upgrade to paid
The FBI, Google/Mandiant, CrowdStrike and others issued warnings, flagging how the group targets entire industries in waves. Their method is low-tech but effective: exploit human trust to bypass tech defenses, then move laterally, extort data, and sometimes encrypt systems.
Impact on global industry has been significant—retail sales stalled, insurance providers scrambled, airlines huddled with cybersecurity teams and regulators. Stock prices dipped, and affected companies are now tightening vendor controls, reinforcing help-desk protocols, and training staff to question any out-of-the-blue IT requests. Here's to better days ahead...
Cheers!
Austin Miller
Editor-in-Chief
This week's articles
Mastering Palo Alto Networks
We do our best to be good to you all - so here's a free look into Mastering Palo Alto Networks by Tom Piens. The whole chapter is for free as a thank you for staying with us over the years. Check it out!
Check out this excerpt!
News Bytes
Qantas suffers massive data breach via third‑party call centre: Australia’s flagship airline confirmed that hackers accessed a third-party customer‑service platform, compromising personal info—including names, emails, phone numbers, birth dates, and frequent flyer numbers—of around 6 million customers. No financial or passport data was exposed. Regulatory bodies and law enforcement are engaged, and Qantas has initiated containment, support services, and strengthened monitoring.