The Rising Threat of Vishing and SSO Exploitation in SaaS Extortion: Q&A with Experts

By

In the rapidly evolving landscape of cybersecurity, two distinct cybercrime groups have emerged as a formidable threat, targeting Software-as-a-Service (SaaS) environments with alarming speed and precision. Known as Cordial Spider (also tracked as BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (alias O-UNC-025 and UNC6661), these clusters are notorious for executing rapid, high-impact extortion attacks using a combination of vishing (voice phishing) and Single Sign-On (SSO) abuse. Their operations leave minimal forensic traces, making detection and response exceptionally challenging. This Q&A explores the tactics, risks, and defenses against these advanced threats.

Related Articles

• Amadeus Acquires Idemia Public Security in €1.2B Cash Deal to Reshape Travel Security
• Securing Your Organization in the Age of AI-Powered Vulnerability Discovery
• Your Complete Guide to Hackaday Europe 2026: Pre-Party, Workshops, and More
• Latest Linux Stable Kernels Address Critical AEAD Socket Vulnerability
• The Resurgence of Cyber Extortion in Germany: Europe's New Data Leak Epicenter
• Global Cyber Crisis: Hospital Tech Giant Stryker, Telus Digital, and Signal Hit in Coordinated Wave of Attacks
• 10 Key Changes in GitHub's Bug Bounty Program: What Researchers Need to Know
• The Importance of Accuracy in Cybersecurity Journalism: A Case Study of the Instructure Retraction