Scattered Spider: Could one phone call bring down your whole organization?

Scattered Spider: Could one phone call bring down your whole organization?

Send us Fan Mail [https://www.buzzsprout.com/2489886/fan_mail/new] Can you recognise every employee in your organisation? Most companies cannot — and attackers know it. A routine IT request comes in from a senior leader locked out of their account. Everything checks out, so access is restored. Except it wasn't them. In that moment, you've handed the keys to Scattered Spider — a group that has spent three years proving that human trust is a more reliable attack surface than any software vulnerability. Group-IB's High-Tech Crime Trends Report 2026 identifies supply chain attacks as the defining force reshaping today's threat landscape, and Scattered Spider sits at the centre of that story. What looks like social engineering is, in reality, a supply chain attack in disguise — one that can turn a single compromised integration into a cascade affecting hundreds of downstream organisations, halt production lines across four countries, and register on a national economy's GDP. In this episode, Gary Ruddell and former INTERPOL Director of Cybercrime Craig Jones are joined by Seán Doyle, Lead at the World Economic Forum's Cybercrime Atlas, where international specialists work together to identify, map, and disrupt criminal networks at scale. Together they examine how a group with no zero-days and no nation-state backing became one of the most disruptive cybercriminal threats operating today — and what it actually takes to build a line of defence when trust itself is the attack vector. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to learn more about Group-IB's top 10 Masked Actors [https://www.group-ib.com/masked-actors/]  - and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB * Group-IB Threat Intelligence on X:   https://www.x.com/GroupIB_TI [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFRjd1VxMGswcjk1MmtfdXI5SzVDZUNkcmRXd3xBQ3Jtc0trREZaYXZrNG9WTm14bFpOM0c4a2FjS1ZkRkJyZl9sODlWNUd4S2ROcW5MR1p3ZXZtSnhTMjIzRUgzT1gxMkdjaG1kMl9SaldBSUlxLThMd3o0TTQwdnlYZDluYU1iVUZaMW05WFZSNlhta1hVNGdpZw&q=https%3A%2F%2Fwww.x.com%2FGroupIB_TI&v=wYcEakee-gs] * Group-IB on X:  https://www.x.com/GroupIB [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXdYS3R0TkpQSTIyNVFQd0NseDlDcTZiRDZPUXxBQ3Jtc0ttX3lSb0FrVjhBVFg0WDZyVDdRSlpmdUZaUHhkUmNaaWZKV2c1YWQ3ZUd6N2JHMk5JMDBucTJqdzhUOGc4SGtRa2VQTGtPUVd0ZGZpMUp0VW1LeWhXYWw5NS1acXpwNHRpV3YzSDNpSWNPQ3RKNnZOSQ&q=https%3A%2F%2Fwww.x.com%2FGroupIB&v=wYcEakee-gs] * Group-IB on LinkedIn:  https://www.linkedin.com/company/group-ib [https://www.linkedin.com/company/group-ib] * Group-IB on Facebook: https://www.facebook.com/groupibHQ/  [https://www.facebook.com/groupibHQ/] * Group-IB on Instagram: ... [https://www.instagram.com/groupibhq/]

Defenders: What does it take to orchestrate international takedowns across borders?

Send us Fan Mail [https://www.buzzsprout.com/2489886/fan_mail/new] Cybercrime operates at a scale most people never see. A single incident can cost hundreds of millions of pounds, disrupt businesses overnight, or devastate individuals and families. What often follows is a simple question: how do you stop something that moves this fast, across so many borders? The reality is far from straightforward. Building a case against cybercriminals means tracing activity across jurisdictions, piecing together fragments of digital evidence, and turning intelligence into coordinated action on a global scale. It is detailed, complex work with real-world consequences. In this episode of Masked Actors, we go inside the world of international cybercrime investigations. Our host, Gary Ruddell, is joined by Craig Jones, Independent Strategic Advisor at Group-IB and former Director of Cybercrime at INTERPOL.  With over four decades in cyber defence, Craig brings a rare perspective from the frontline of global cyber-resilience efforts and shares how law enforcement agencies work together to disrupt criminal networks at scale.  He also joins the podcast as the new co-host of Masked Actors, Season 2. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to learn more about Group-IB's top 10 Masked Actors [https://www.group-ib.com/masked-actors/]  - and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB * Group-IB Threat Intelligence on X:   https://www.x.com/GroupIB_TI [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFRjd1VxMGswcjk1MmtfdXI5SzVDZUNkcmRXd3xBQ3Jtc0trREZaYXZrNG9WTm14bFpOM0c4a2FjS1ZkRkJyZl9sODlWNUd4S2ROcW5MR1p3ZXZtSnhTMjIzRUgzT1gxMkdjaG1kMl9SaldBSUlxLThMd3o0TTQwdnlYZDluYU1iVUZaMW05WFZSNlhta1hVNGdpZw&q=https%3A%2F%2Fwww.x.com%2FGroupIB_TI&v=wYcEakee-gs] * Group-IB on X:  https://www.x.com/GroupIB [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXdYS3R0TkpQSTIyNVFQd0NseDlDcTZiRDZPUXxBQ3Jtc0ttX3lSb0FrVjhBVFg0WDZyVDdRSlpmdUZaUHhkUmNaaWZKV2c1YWQ3ZUd6N2JHMk5JMDBucTJqdzhUOGc4SGtRa2VQTGtPUVd0ZGZpMUp0VW1LeWhXYWw5NS1acXpwNHRpV3YzSDNpSWNPQ3RKNnZOSQ&q=https%3A%2F%2Fwww.x.com%2FGroupIB&v=wYcEakee-gs] * Group-IB on LinkedIn:  https://www.linkedin.com/company/group-ib [https://www.linkedin.com/company/group-ib] * Group-IB on Facebook: https://www.facebook.com/groupibHQ/  [https://www.facebook.com/groupibHQ/] * Group-IB on Instagram: ... [https://www.instagram.com/groupibhq/]

Team TNT: Could you be unknowingly mining for crypto?

Send us Fan Mail [https://www.buzzsprout.com/2489886/fan_mail/new] Cryptocurrency promised huge potential for investors. But it’s cybercriminals who are reaping the benefits. From multimillion-dollar ransomware payouts to borderless money laundering, cryptocurrency has quietly become the fuel powering a global cybercrime economy. As regulation evolves across multiple jurisdictions, gaps, inconsistencies, and the borderless nature of crypto continue to give criminal threat actors a simple workaround: move somewhere the rules don’t reach. This has created opportunities for cybercrime that groups such as TeamTNT have been quick to exploit. In this episode of Masked Actors, Group-IB’s Gary Ruddell and Nick Palmer are joined by Erica Stanford, Digital Asset, Crypto and AI Specialist at law firm CMS. She reveals the shadowy infrastructure and trail of crypto-enabled cybercrime that keeps hacking gangs like TeamTNT moving. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to learn more about Group-IB's top 10 Masked Actors [https://www.group-ib.com/masked-actors/]  - and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB * Group-IB Threat Intelligence on X:   https://www.x.com/GroupIB_TI [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFRjd1VxMGswcjk1MmtfdXI5SzVDZUNkcmRXd3xBQ3Jtc0trREZaYXZrNG9WTm14bFpOM0c4a2FjS1ZkRkJyZl9sODlWNUd4S2ROcW5MR1p3ZXZtSnhTMjIzRUgzT1gxMkdjaG1kMl9SaldBSUlxLThMd3o0TTQwdnlYZDluYU1iVUZaMW05WFZSNlhta1hVNGdpZw&q=https%3A%2F%2Fwww.x.com%2FGroupIB_TI&v=wYcEakee-gs] * Group-IB on X:  https://www.x.com/GroupIB [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXdYS3R0TkpQSTIyNVFQd0NseDlDcTZiRDZPUXxBQ3Jtc0ttX3lSb0FrVjhBVFg0WDZyVDdRSlpmdUZaUHhkUmNaaWZKV2c1YWQ3ZUd6N2JHMk5JMDBucTJqdzhUOGc4SGtRa2VQTGtPUVd0ZGZpMUp0VW1LeWhXYWw5NS1acXpwNHRpV3YzSDNpSWNPQ3RKNnZOSQ&q=https%3A%2F%2Fwww.x.com%2FGroupIB&v=wYcEakee-gs] * Group-IB on LinkedIn:  https://www.linkedin.com/company/group-ib [https://www.linkedin.com/company/group-ib] * Group-IB on Facebook: https://www.facebook.com/groupibHQ/  [https://www.facebook.com/groupibHQ/] * Group-IB on Instagram: ... [https://www.instagram.com/groupibhq/]

Boolka: The evolution of a cybercriminal enterprise

Send us Fan Mail [https://www.buzzsprout.com/2489886/fan_mail/new] If evolution has taught humanity anything, it’s that adaptation is key to survival. As prey develop camouflage techniques, predators get faster, sturdier, and better at detection. Now this game of cat and mouse is taking over the digital world.  All cybergangs are on a cycle of relentless adaptation – but a group that stands out from all the rest is Boolka, innovating near-constantly since it first landed on the cybercriminal scene in 2022. Its primary goal is to steal user data across high traffic websites – from usernames, passwords and even credit card information, and sell it for profit on the dark web.  Group-IB’s Gary Ruddell and Nick Palmer are joined by Joel Fromont, Senior Manager of the EMEA Security Specialists Solutions Architect team at AWS, where they discuss how commercially minded adversaries innovate to stay active and avoid detection, how businesses can effectively respond to such a constantly moving target, and what steps can be taken by users to protect themselves online.  By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to learn more about Group-IB's top 10 Masked Actors [https://www.group-ib.com/masked-actors/]  - and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB * Group-IB Threat Intelligence on X:   https://www.x.com/GroupIB_TI [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFRjd1VxMGswcjk1MmtfdXI5SzVDZUNkcmRXd3xBQ3Jtc0trREZaYXZrNG9WTm14bFpOM0c4a2FjS1ZkRkJyZl9sODlWNUd4S2ROcW5MR1p3ZXZtSnhTMjIzRUgzT1gxMkdjaG1kMl9SaldBSUlxLThMd3o0TTQwdnlYZDluYU1iVUZaMW05WFZSNlhta1hVNGdpZw&q=https%3A%2F%2Fwww.x.com%2FGroupIB_TI&v=wYcEakee-gs] * Group-IB on X:  https://www.x.com/GroupIB [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXdYS3R0TkpQSTIyNVFQd0NseDlDcTZiRDZPUXxBQ3Jtc0ttX3lSb0FrVjhBVFg0WDZyVDdRSlpmdUZaUHhkUmNaaWZKV2c1YWQ3ZUd6N2JHMk5JMDBucTJqdzhUOGc4SGtRa2VQTGtPUVd0ZGZpMUp0VW1LeWhXYWw5NS1acXpwNHRpV3YzSDNpSWNPQ3RKNnZOSQ&q=https%3A%2F%2Fwww.x.com%2FGroupIB&v=wYcEakee-gs] * Group-IB on LinkedIn:  https://www.linkedin.com/company/group-ib [https://www.linkedin.com/company/group-ib] * Group-IB on Facebook: https://www.facebook.com/groupibHQ/  [https://www.facebook.com/groupibHQ/] * Group-IB on Instagram: ... [https://www.instagram.com/groupibhq/]

Brain Cipher: What happens when national infrastructure comes under strike?

Send us Fan Mail [https://www.buzzsprout.com/2489886/fan_mail/new] Indonesia, June 2024 - 210 critical government agencies were crippled in one fell swoop. Immigration services were in disarray; customs officers locked out of critical systems and travellers left stranded in airport and ferry terminals facing delays that would continue for a full week. The culprit? Brain Cipher, a ransomware group barely a week old, which demanded a huge sum of $8M from Indonesia’s National Data Centre, bringing local government services to their knees. The chaos that followed lingers as a potent reminder of the widespread disruption across an entire nation that can stem from a single attack. Join Group-IB’s Gary Ruddell and Nick Palmer as they talk to Jennifer Soh, Cyber Investigation Lead for APAC at Group-IB, exploring what motivates cyber criminals to target national infrastructure, and what happens when the pillars that hold up our modern digital society - from government and defence to energy- are struck by cyber-attacks. Episode links: Group-IB's Top 10 Masked Actors [https://www.group-ib.com/masked-actors/] Deciphering the Brain Cipher Ransomware [https://www.group-ib.com/blog/brain-cipher-ransomware/]Patch or Peril: A Veeam vulnerability incident [https://www.group-ib.com/blog/estate-ransomware/] By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to learn more about Group-IB's top 10 Masked Actors [https://www.group-ib.com/masked-actors/]  - and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB * Group-IB Threat Intelligence on X:   https://www.x.com/GroupIB_TI [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFRjd1VxMGswcjk1MmtfdXI5SzVDZUNkcmRXd3xBQ3Jtc0trREZaYXZrNG9WTm14bFpOM0c4a2FjS1ZkRkJyZl9sODlWNUd4S2ROcW5MR1p3ZXZtSnhTMjIzRUgzT1gxMkdjaG1kMl9SaldBSUlxLThMd3o0TTQwdnlYZDluYU1iVUZaMW05WFZSNlhta1hVNGdpZw&q=https%3A%2F%2Fwww.x.com%2FGroupIB_TI&v=wYcEakee-gs] * Group-IB on X:  https://www.x.com/GroupIB [https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXdYS3R0TkpQSTIyNVFQd0NseDlDcTZiRDZPUXxBQ3Jtc0ttX3lSb0FrVjhBVFg0WDZyVDdRSlpmdUZaUHhkUmNaaWZKV2c1YWQ3ZUd6N2JHMk5JMDBucTJqdzhUOGc4SGtRa2VQTGtPUVd0ZGZpMUp0VW1LeWhXYWw5NS1acXpwNHRpV3YzSDNpSWNPQ3RKNnZOSQ&q=https%3A%2F%2Fwww.x.com%2FGroupIB&v=wYcEakee-gs] * Group-IB on LinkedIn:  https://www.linkedin.com/company/group-ib [https://www.linkedin.com/company/group-ib] * Group-IB on Facebook: https://www.facebook.com/groupibHQ/  [https://www.facebook.com/groupibHQ/] * Group-IB on Instagram: ... [https://www.instagram.com/groupibhq/]