Two new extortion crews are speedrunning the Scattered Spider playbook

SITREP: Two new extortion groups affiliated with Com have emerged, utilizing tactics from the Scattered Spider playbook. They are employing voice phishing and counterfeit Single Sign-On (SSO) pages to infiltrate Software as a Service (SaaS) environments and rapidly exfiltrate data for extortion purposes. TACTICAL ASSESSMENT: The emergence of these new threat actors indicates a growing trend in cyber extortion tactics, particularly targeting SaaS platforms. This could lead to increased vulnerabilities for organizations relying on cloud services, necessitating enhanced security measures. PROJECTED VECTORS: It is likely that these groups will continue to refine their methods and expand their targets, potentially leading to a rise in successful data breaches and extortion incidents.