In this episode of The Cyber Resilience Brief, host Tova Dvorin and offensive security expert Adrian Culley expose The Com—the decentralized cybercrime collective behind threat groups like Lapsus$, Scattered Spider (UNC 3944 / Octo Tempest), and ShinyHunters. Together, they break down how this teenage-to-young-adult adversary ecosystem has weaponized vishing, MFA fatigue, SIM-swapping, and cloud exfiltration to breach giants including Microsoft, Okta, Nvidia, MGM Resorts, and more. You’ll learn: How The Com evolved from Lapsus$ chaos into a professionalized extortion machine Why help desks—not firewalls—are their favorite initial access vector Their signature TTPs: vishing, MFA bypass, living-off-the-land, cloud data theft, and ephemeral IOCs How adversarial exposure validation (AEV), BAS, CART, and phishing-resistant MFA (FIDO2/WebAuthn) shut them down Practical resilience steps you can implement today A must-listen for CISOs, security leaders, and anyone tracking modern identity-based cyber threats. Stay safe. Stay safe with SafeBreach.