The individuals operating under the DragonForce banner are using social engineering ...

2025-05-02 17:17:15 UTC

The individuals operating under the DragonForce banner are using social engineering for entry.

Defenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it's a repeat of the 2022-2023 activity.

Links: https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf

https://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider_0.pdf

I would also suggest these NCSC guides on incident management: https://www.ncsc.gov.uk/collection/incident-management

and effective cyber crisis comms: https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident

Author Public Key

npub1lcc6wn885u6k395x5j5tmdm94r6dh9zajxm8gyk82pv2s2j3el7sc6lcye

Show more details

Published at

2025-05-02 17:17:15 UTC

Kind type

1 Short Text Note

Event JSON

{ "id": "4233740e19eb78ef163ff8ff669abb9e2063343dc7d947616506788140bbd855", "pubkey": "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd", "created_at": 1746206235, "kind": 1, "tags": [ [ "proxy", "https://cyberplace.social/@GossiTheDog/114439371880188328", "web" ], [ "p", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "e", "5a888f6f8fc13bc6abfe678f2495f2773f9dc65f865d7d2b67b85c4319826303", "", "reply", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "e", "8c9375cbd3f2be00980dcfc4af1c30711444133cba084518c180dbd333e6f140", "", "root", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "imeta", "url https://cyberplace.social/system/media_attachments/files/114/439/364/451/611/425/original/88443a28e91c4812.png", "m image/png" ], [ "proxy", "https://cyberplace.social/users/GossiTheDog/statuses/114439371880188328", "activitypub" ], [ "L", "pink.momostr" ], [ "l", "pink.momostr.activitypub:https://cyberplace.social/users/GossiTheDog/statuses/114439371880188328", "pink.momostr" ], [ "-" ] ], "content": "The individuals operating under the DragonForce banner are using social engineering for entry. \n\nDefenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it's a repeat of the 2022-2023 activity. \n\nLinks: https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf\n\nhttps://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider_0.pdf\n\nI would also suggest these NCSC guides on incident management: https://www.ncsc.gov.uk/collection/incident-management\n\nand effective cyber crisis comms: https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident\nhttps://cyberplace.social/system/media_attachments/files/114/439/364/451/611/425/original/88443a28e91c4812.png\n", "sig": "6638d0e8679ed62dab73ec7e6a40c00ba2e138a5edaa3dc0fb682d3904e727bff1db4beef2ab260662262e97394fab48a15be2707cdbb401a5ecee0091b8e03c" }

Kevin Beaumont on Nostr: The individuals operating under the DragonForce banner are using social engineering ...