by Gene Reich | Oct 24, 2025 | Reader's Choice, Scattered Spider
In mid-September, the U.S. Department of Justice and the U.K.’s National Crime Agency jointly unsealed charges against two British teenagers accused of orchestrating one of the most financially damaging cyber extortion campaigns of the past decade. Nineteen-year-old...
by Gene Reich | Sep 10, 2025 | Jaguar Land Rover, Marks & Spencer, marks and spencer, Reader's Choice, Scattered Spider
Jaguar Land Rover (JLR), one of the UK’s largest exporters and a global automotive brand, disclosed on September 2, 2025, that it had suffered a significant cyber incident. The attack forced the company to shut down its IT systems worldwide, halting production at key...
by Gene Reich | Aug 28, 2025 | Cybersecurity Trends, Pretexting, Scattered Spider, Social Engineering
Since 2023, the threat group Scattered Spider has repeatedly persuaded help-desk staff across multiple organizations to reset credentials over the phone without verifying identity, bypassing multi-factor authentication (MFA) in several high-profile breaches. This was...
by Gene Reich | Aug 26, 2025 | Cybersecurity Threats, Pretexting, Scattered Spider, Social Engineering
Why Trust-Based Attacks Are Surging In 2023, Clorox reported in court filings that attackers posing as company representatives contacted its IT service provider, Cognizant, and successfully obtained privileged system access. The impostors cited legitimate-sounding...
by Gene Reich | Aug 20, 2025 | AI Fraud Prevention, Cybersecurity Threats, Cybersecurity Trends, Scattered Spider, Social Engineering
Replacing Voice with Proven Identity The recent rise in impersonation-based fraud has brought renewed scrutiny to how identity is verified during routine digital interactions. As discussed in our earlier analysis of Sam Altman’s July 2025 warning, artificial...
by Gene Reich | Aug 5, 2025 | Cybersecurity for MSPs, Qantas Breach, Scattered Spider, Social Engineering
The recent data breach at Qantas exposed the personal details of nearly six million customers. The breach was traced to a third-party call centre, not to a technical exploit like ransomware or firewall compromise. Between June 30 and July 2, attackers gained access to...
