430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Scattered Spider alleged members deny TfL charges

Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offenses for a cyberattack on Transport for London pleaded not guilty in court. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, and Owen […]

Scattered Spider

Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing.

Two British teens accused of Computer Misuse Act offenses for a cyberattack on Transport for London pleaded not guilty in court. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, and Owen Flowers, 18, were arrested in September by the NCA at their homes in East London and Walsall. Both appeared at Southwark Crown Court on Friday to formally deny the charges.

“Both have appeared before Southwark Crown Court and entered not guilty pleas to charges of conspiring together to commit unauthorised acts against Transport for London (TfL).” reported Sky News. “They stood in the dock together and spoke only to confirm their names and enter not guilty pleas.”

In September, U.K. law enforcement authorities arrested the two teenagers who are members of the notorious Scattered Spider hacking group in connection with their role in the cyber attack that hit Transport for London (TfL). Transport for London (TfL) is a local government body responsible for most of the transport network in London, United Kingdom. In August 2024, a cyber attack hit the organization.

Both were charged with conspiring together to commit unauthorised acts against TfL, under the Computer Misuse Act.

On 6 September 2024, UK authorities initially charged Flowers for conspiring to attack US healthcare networks, while Jubair was also charged with conspiring with others to infiltrate and damage the networks of SSM Health Care Corporation and attempting to do the same to Sutter Health’s networks, both based in the US.

The DOJ announced that Jubair faces charges in New Jersey for conspiracies to commit computer fraud, wire fraud, and money laundering, linked to at least 120 network intrusions and extortion targeting 47 U.S. entities. Victims reportedly paid over $115 million in ransom. Jubair allegedly acted with the Scattered Spider group, executing sophisticated attacks that disrupted businesses, critical infrastructure, and federal courts.

The NCA said evidence found after Flowers’ 2024 arrest links him to alleged attacks on U.S. healthcare firms. He’s also charged with conspiring to breach SSM Health and attempting to target Sutter Health. Flowers pleaded not guilty to all charges.

Flowers and Jubair face some of the harshest cybercrime charges in English law, including conspiracy to commit unauthorized computer acts risking serious harm, with life imprisonment possible.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Scattered Spider)