Ransomware Groups Exploit Microsoft Teams and Office 365 for Cyberattacks, Bypassing Two-Factor Authentication

Recent reports indicate that ransomware groups are increasingly utilizing Microsoft Teams and Office 365 services to conduct cyberattacks. These groups are employing tactics such as 'vishing,' where they impersonate tech support to deceive organizations. A new phishing kit has been identified that targets Microsoft 365 accounts, capable of intercepting user credentials and bypassing two-factor authentication defenses. Researchers from Sekoia.io highlighted the effectiveness of this kit, which poses a significant threat to cybersecurity. Additionally, the Storm-1811 group has been linked to two threat campaigns that exploit Microsoft Teams to deploy ransomware, emphasizing the evolving strategies of cybercriminals in their attacks.