Summary: Sophos X-Ops’ Managed Detection and Response (MDR) warns of ransomware attacks that utilize email bombing and vishing tactics through Microsoft Office 365. These attacks are attributed to two threat groups, STAC5143 and STAC5777, which have been active in recent months. The researchers emphasize the need for organizations to enhance their security measures and employee awareness to combat these evolving threats.
Threat Actor: STAC5143, STAC5777 | STAC5143, STAC5777
Victim: Organizations using Microsoft 365 | Microsoft 365
Keypoints :
- Ransomware attacks are leveraging email bombing and vishing tactics through Microsoft Office 365.
- STAC5143 and STAC5777 are linked to recent incidents, with STAC5777 being highly active and overlapping with the previously identified Storm-1811 group.
- Sophos recommends organizations restrict Teams calls from outside and improve employee awareness to mitigate these threats.