Kevin Beaumont@GossiTheDog@cyberplace.social
What a time to be alive
Tl;dr of the Scatter Spider LAPSUS$ chat aka fuckmandiantunit221bcr0wdshart is:
- theyβve owned a lot of big companies by phoning them up and asking for access - this includes orgs who havenβt disclosed their incidents
- they also appear to have an Oracle WebLogic exploit (unclear if zero day) and a SAP Netweaver exploit and used that to get inside orgs
- They appear to also be (or owned) ShinyHunters ransomware, as they include internal ShinyHunter emails and IMs.
Mike Siegel@mikesiegel@infosec.exchange
@GossiTheDog@cyberplace.social