The Threat CodexAug 7, 2025
Muddled Libra: Why Are We So Obsessed With You?
#MuddledLibra
https://unit42.paloaltonetworks.com/why-the-focus-on-muddled-libra/
Muddled Libra: Why Are We So Obsessed With You?

Muddled Libra gets media attention due to its consistent playbook and unique use of vishing. The group's English fluency is another major factor.

Unit 42
Francis Mangion (M)May 27, 2025

CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.

https://ciso2ciso.com/how-cisos-can-defend-against-scattered-spider-ransomware-attacks-source-www-csoonline-com/

#ScatteredSpider #UNC3944 #Starfraud #ScatterSwine #MuddledLibra #OctoTempest #0katpus.

How CISOs can defend against Scattered Spider ransomware attacks – Source: www.csoonline.com

Source: www.csoonline.com - Author: CISOs should fortify help desk and employee defenses, enhance intrusion detection and tracking cap

CISO2CISO.COM & CYBER SECURITY GROUP
Not SimonApr 9, 2024

Unit 42 reports that the financially motivated Muddled Libra cybercriminal group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments. The threat actors attempt to leverage data stored in SaaS applications and CSP environments to assist with their attack progression, and to use for extortion when trying to monetize their work. Unit 42 covers various access methodologies that are used for SaaS environments and CSPs, common exploits, data reconnaissance, and tactics to abuse CSP services for data exfiltration. No IOC 🔗 https://unit42.paloaltonetworks.com/muddled-libra-evolution-to-cloud/

#MuddledLibra #threatintel #cybercrime #SaaS

Muddled Libra’s Evolution to the Cloud

Muddled Libra now actively targets CSP environments and SaaS applications. Using the MITRE ATT&CK framework, we outline observed TTPs from incident response.

Unit 42
Mathew J. SchwartzMar 15, 2024
From infiltration to crypto-lock sometimes in hours (not days) — as attackers refine tactics, 'speed matters,' experts warn
https://www.databreachtoday.com/as-attackers-refine-tactics-speed-matters-experts-warn-a-24605 #ScatteredSpider #muddledlibra #octotempest #UNC3944
As Attackers Refine Tactics, 'Speed Matters,' Experts Warn

Advanced attackers increasingly feel the need for speed, lowering the time they spend lurking after they infiltrate networks before exfiltrating data and