incident
CISA Advisory on Scattered Spider Cybercriminal Group TTPsScattered Spider
CISA and international partners released an updated advisory detailing Scattered Spider's tactics, techniques, and procedures as of June 2025. The group uses sophisticated social engineering, MFA bypass, and SIM swapping to gain initial access, then deploys ransomware like DragonForce for data extortion. The advisory provides mitigations for critical infrastructure and commercial facilities.