Hackers use cloud services to target financial and insurance firms

Hackers known as “Scattered Spider” are using cloud service attacks to target financial and insurance companies for big-money ransoms. They gain access via various methods including phishing campaigns and searching platforms like GitHub for accidentally left cloud access tokens in source code. The stolen data is then held ransom. To prevent this, admins are advised to enable multi-factor authentication and educate employees on identifying phishing attempts.