Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114439371880188328">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 03-May-2025 02:17:30 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114439356314397053" rel="in-reply-to">in reply to</a></div></section><article><p>The individuals operating under the  DragonForce banner are using social engineering for entry.  </p><p>Defenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it's a repeat of the 2022-2023 activity. </p><p>Links: <a href="https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf" rel="nofollow noreferrer">https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf</a></p><p><a href="https://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider_0.pdf" rel="nofollow noreferrer">https://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider_0.pdf</a></p><p>I would also suggest these NCSC guides on incident management: <a href="https://www.ncsc.gov.uk/collection/incident-management" rel="nofollow noreferrer">https://www.ncsc.gov.uk/collection/incident-management</a></p><p>and effective cyber crisis comms: <a href="https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident" rel="nofollow noreferrer">https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4992102#notice-9782766">In conversation</a><time datetime="2025-05-03T02:17:30+09:00" title="Saturday, 03-May-2025 02:17:30 JST">about a month ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114439371880188328" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114439371880188328">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4561106">Untitled attachment</a></label><br><a href="https://cyberplace.social/system/media_attachments/files/114/439/364/451/611/425/original/88443a28e91c4812.png" rel="external">https://cyberplace.social/system/media_attachments/files/114/439/364/451/611/425/original/88443a28e91c4812.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4561107">Untitled attachment</a></label><br></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4561108">Untitled attachment</a></label><br></li><li><article><header><div>Domain not in remote thumbnail source whitelist: www.ncsc.gov.uk</div><h5><a href="https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident">Guidance on effective communications in a cyber incident</a></h5><div></div></header><div>Supporting organisations of all sizes to manage their communications strategy before, during and after a cyber security incident.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 03-May-2025 02:17:30 JST Kevin Beaumont
in reply to
The individuals operating under the DragonForce banner are using social engineering for entry.
Defenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it's a repeat of the 2022-2023 activity.
Links: https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf
https://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider_0.pdf
I would also suggest these NCSC guides on incident management: https://www.ncsc.gov.uk/collection/incident-management
and effective cyber crisis comms: https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident
In conversationabout a month ago from cyberplace.socialpermalink
Attachments
1. Untitled attachment
  https://cyberplace.social/system/media_attachments/files/114/439/364/451/611/425/original/88443a28e91c4812.png
2. Untitled attachment
3. Untitled attachment
4. Domain not in remote thumbnail source whitelist: www.ncsc.gov.uk
  Guidance on effective communications in a cyber incident
  Supporting organisations of all sizes to manage their communications strategy before, during and after a cyber security incident.

Public

Embed Notice

HTML Code

Corresponding Notice