A senior FBI official recently disclosed that Scattered Spider, a cybercriminal group implicated in multiple high-profile breaches, consists of approximately 1,000 individuals. At the Sleuthcon conference, Bryan Vorndran, assistant director of the FBI’s Cyber Division, characterized the group as vast and dispersed, with many members not knowing each other directly. Known also as “0ktapus” or UNC3944 by cybersecurity firms, Scattered Spider has targeted big-name companies like MGM Resorts and Okta. Its members, primarily from the U.S. and the U.K., specialize in social engineering to gain network access and have collaborated with ransomware groups. The group is recognized as a top cybersecurity threat, with parallels to nation-state actors. The FBI has faced criticism for limited arrests but emphasizes ongoing efforts and some private actions. The potent threat from groups like Scattered Spider has spurred calls for more resources and attention to cybercrime, comparable to those for state-aligned cyber operations.

Potent youth cybercrime ring made up of 1,000 people, FBI official says CyberScoop

A recent cyberattack on Ascension Providence Rochester Hospital in Michigan has forced medical staff to revert to manual processes and paper charting, posing significant patient safety risks. The Office and Professional Employees International Union Local 40 has petitioned for immediate safety measures, citing concerns over the lack of electronic health record access. The union's demands include better communication huddles, staff training, regular progress reports, patient-to-nurse ratio limits, and reduced elective procedures to manage safety and care quality. Ascension is actively working with cybersecurity experts to restore operations, while acknowledging the dedication and resilience of healthcare workers during this crisis.

Union Demands Patient Safety Fixes in Ascension Cyber Outage bankinfosecurity.com

IBM is selling its QRadar cloud-based cybersecurity software to Palo Alto Networks in a strategic move to deepen their partnership and eliminate product overlap. This collaboration aims to enhance both companies' AI-powered security product offerings. IBM will shift focus toward securing generative AI applications and data management. The sale is pending regulatory approval and expected to close by September. Post-transaction, QRadar cloud users will transition to Palo Alto's Cortex XSIAM platform, while on-premise users can retain their current setup. This partnership is projected to significantly boost IBM’s revenue and streamline security solutions for businesses.

IBM Selling Cloud Security Software to Palo Alto Networks in Broader Cyber Strategy Shift The Wall Street Journal

Epic has released its first open-source AI validation tool, making it available on GitHub for global use. The software suite allows healthcare organizations to test and monitor AI models within their electronic health record (EHR) systems. This tool, designed to ensure AI equity, can be used to validate models developed by Epic and other organizations. Health systems can evaluate performance and ensure fairness across different patient demographics. Organizations like Duke Health, Mayo Clinic, and Kaiser Permanente plan to utilize this tool for local validation of AI models. Epic aims to expand the tool's capabilities in the future.

Epic releases open-source AI validation tool for health systems Fierce Healthcare