Cyber escalation in a hybrid war, and some notes on the markets, both gray and C2C.

Scattered Spider prompts warnings from CISA and the FBI. Phobos ransomware is an affiliate crimeware-as-a-service program. A "hack-for-hire" contractor. “Scama” in the C2C market. Our guest is Lee Clark from the RH-ISAC with a look at Holiday Season Cyber Threat Trends. Tim Eades from Cyber Mentor Fund shares recent trends in cyber venture capital, with tips on finding a good match. And the tempo of cyber operations in Russia's hybrid war.

Selected reading.

FBI and CISA Release Advisory on Scattered Spider Group (Cybersecurity and Infrastructure Security Agency | CISA) 

FBI warns on Scattered Spider hackers, urges victims to come forward (Reuters) 

U.S. officials urge more information sharing on prolific cybercrime group (CyberScoop) 

A deep dive into Phobos ransomware, recently deployed by 8Base group (Cisco Talos Blog) 

Understanding the Phobos affiliate structure and activity (Cisco Talos Blog)

Elephant Hunting | Inside an Indian Hack-For-Hire Group (SentinelOne) 

How an Indian startup hacked the world (Reuters) 

Scama: Uncovering the Dark Marketplace for Phishing Kits (Vade Secure)

Ukraine Tracks a Record Number of Cyber Incidents During War (Bank Info Security) 

Russia will target other countries for web attacks, Ukraine cyber defence chief warns (The Irish Times) 

Sandworm Linked to Attack on Danish Critical Infrastructure (Infosecurity Magazine) 

Why cyber war readiness is critical for democracies (Help Net Security)