<ul><li>ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks.</li><li>Black Basta ransomware affiliates switched to Microsoft Teams, posing as IT support to deceive employees into granting access.</li><li>Threat actors flood employee inboxes with emails, then impersonate IT support on Microsoft Teams to offer help.</li><li>Attackers send QR codes in chats as part of Quishing attempts.</li></ul>

Black Basta affiliates used Microsoft Teams in recent attacks

Discover more