The on premise tactics of LUCR-3 (Scattered Spider) are well known. In this talk I will walk through the less known TTPs of LUCR-3 in cloud, identity, and SaaS environments. From Initial Access through mission completion, no step will be left untraced. Detection ideas, hunting approaches, and a large collection of rules will be shared!