

PP070: News Roundup – Scattered Spider Bites MSPs, Microsoft Rethinks Kernel Access, North Koreans Seem Good at Their Illicit Jobs
Jul 15, 2025
Dive into the latest in cybersecurity with tales of the Scattered Spider hacking group, which specializes in social engineering attacks on MSPs. Microsoft is rethinking its kernel access policies to enhance Windows security. Learn about North Korean operatives engaging in identity theft and corporate deception. Ransomware tactics are evolving, shifting focus from encryption to plain extortion. Plus, there's a discussion on the implications of data privacy with 23andMe's recent sale, raising questions about consumer data ownership.
AI Snips
Scattered Spider's Sophisticated Attacks
- The Scattered Spider hacking group uses advanced social engineering targeting MSPs and various industries.
- Their tactics include posing as executives to gain privileged access and request MFA device changes.
Microsoft Restricts Kernel Access
- Microsoft is shifting third-party endpoint security software out of the Windows kernel to improve stability.
- This aims to prevent outages like the one caused by a faulty CrowdStrike update last year.
North Korean Hacking Workforce
- North Korean operatives have infiltrated US companies by using fake resumes modeled on genuine job postings.
- They even hold key positions, like CTO, while conducting espionage and fraud.