All news with #muddled libra tag

Scattered LAPSUS$ Hunters: Recent Activity and Risks

🚨 Unit 42 observed renewed activity from Scattered LAPSUS$ Hunters in early October 2025, including leaked data claims, a defaced clearnet leak site, and announcements of an extortion-as-a-service offering. The actors set a self-imposed ransom deadline of Oct. 10, 2025 and claimed to have released data allegedly from six victim companies across aviation, energy and retail. Unit 42 recommends organizations prepare EaaS incident playbooks and engage third-party responders.

Introducing Insights: Direct Perspectives from Unit 42

📝 Unit 42 has launched Insights, a new article series that connects readers directly to researchers and consultants with candid, real-time thinking about threats and incident response. Unlike formal threat assessments, these pieces share early observations, theories, and the kinds of practitioner conversations that don’t fit a traditional research paper. The series complements Unit 42’s rigorously reviewed reports by exposing the messier, immediate judgments that shape investigations and client guidance.

Why Muddled Libra Draws Disproportionate Media Attention

🛡️Unit 42 explains why Muddled Libra receives outsized attention: the group uses a consistent playbook, industry-focused waves of attacks, and unusually convincing English-language vishing that makes attribution and impact more visible. In 2025 cases, about 50% led to DragonForce ransomware deployment and data exfiltration, heightening executive concern. The report highlights practical defenses such as Conditional Access Policies and analytic correlation with tools like Cortex XSIAM to detect and disrupt operations.