In this talk, Riley Childs and Waymon Ho from Microsoft’s Detection and Response Team share their experiences in responding to Storm-0875 outbreaks, also known as 0ktapus and Scattered Spider, since August 2022. They discuss the evolution of Storm-0875’s tactics, techniques, and procedures (TTPs), from basic phishing and social engineering to extensive expertise in identity and cloud technologies. Viewers will gain insights into who Storm-0875 is, the evolution of their TTPs, and practical strategies for effective defense. The speakers also delve into the response to Storm-0875, from early detection strategies to extreme measures sometimes required. Discover why Storm-0875 is considered the most urgent threat in the criminal ecosystem.