skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Ransomware Groups Target Organizations via Microsoft 365

/ 1 min read

🕵️‍♂️ Ransomware Groups Exploit Microsoft 365 to Target Enterprises. Two ransomware groups, STAC5143 and STAC5777, have been identified using Microsoft 365 services to infiltrate organizations, leveraging default settings that allow external Teams users to contact internal employees. Sophos researchers noted a surge in incidents, with over 15 cases reported in three months, half occurring recently. STAC5143 mimics tactics from the Storm-1811 group, employing remote control capabilities and Java-based tools to deploy malware, while STAC5777 utilizes Microsoft Quick Assist for remote access. Sophos advises organizations to restrict external Teams calls and limit remote access applications to enhance security, alongside raising employee awareness of these tactics to combat social engineering attacks.

Source
{entry.data.source.title}
Original