Major Incidents or Breaches

  • The FBI has reported that the cybercrime group Scattered Spider is expanding its attacks to target the airline sector, primarily using social engineering tactics.
  • Hackers reportedly opened a valve at a Norwegian dam, indicating unauthorised access and potential risk to critical infrastructure.

Notable Threat Actor Activity

  • Scattered Spider has broadened its targeting to include airlines, employing social engineering to gain access.
  • The GIFTEDCROOK malware, operated by an unnamed threat actor, has evolved from a browser data stealer into a more advanced intelligence-gathering tool, with recent campaigns demonstrating enhanced data exfiltration capabilities.

Trends, Tools, or Tactics of Interest

  • GIFTEDCROOK’s evolution highlights a trend of commodity malware being upgraded for broader intelligence gathering, beyond basic credential theft.
  • Scattered Spider continues to rely on social engineering, a persistent and effective tactic for initial access, particularly in the airline industry.
  • ICE (U.S. Immigration and Customs Enforcement) has deployed facial recognition tools to officers’ mobile phones, increasing the use of biometric technology in field operations.

Regulatory or Policy Developments Affecting the Security Industry

  • Facebook (Meta) has introduced a new AI tool that asks users to upload personal photos for content generation, raising privacy concerns regarding data collection, storage, and potential misuse of biometric and personal information.