Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Summary
Two cybercrime groups, Cordial Spider and Snarky Spider, are conducting rapid and high-impact attacks within Software-as-a-Service (SaaS) environments. These groups are leveraging vishing (voice phishing) and single sign-on (SSO) abuse to facilitate their extortion activities while leaving minimal digital footprints.
IFF Assessment
FOE
This article details sophisticated attack methods used by cybercrime groups, posing a direct threat to organizations and defenders.
Defender Context
Defenders should be aware of the increasing sophistication of attacks targeting SaaS environments, focusing on the abuse of vishing and SSO. Organizations need to strengthen their authentication mechanisms and user awareness training to mitigate these threats.