Scattered Spider — also known as UNC3944, Oktapus, and Muddled Libra — has quickly become one of today’s most notorious cybercriminal groups. From high-profile breaches at MGM Resorts and Caesars Entertainment to attacks on retailers and airlines, their tactics show that the biggest threat isn’t always malware — it’s social engineering. In this episode of the Cyber Resilience Brief, co-hosts Tova Dvorin and Adrian Culley explore how Scattered Spider operates and what makes them so dangerous. We break down their favorite attack methods, including SIM swapping, MFA push bombing, and IT helpdesk impersonation — and reveal why “they don’t break in, they log in.” Listeners will learn: The top TTPs Scattered Spider uses across the kill chain Why identity and access management is their prime target How companies can harden defenses against human-centric threats Why continuous security validation is critical to resilience If you’re a CISO, security leader, or anyone focused on protecting people, processes, and data, this episode is a must-listen.