"Microsoft Teams Phishing: Enterprises Targeted by Ransomware Access Broker"
"Microsoft Teams Phishing: Enterprises Targeted by Ransomware Access Broker"
A threat actor known for providing ransomware groups with initial access to enterprise systems has used Microsoft Teams to phish employees. According to Microsoft threat researchers, Storm-0324 likely relies on the publicly available TeamsPhisher tool for this activity. Storm-0324 is a temporary name designated by Microsoft to this threat actor, suggesting that the company is still not highly confident about the origin or identity of the actor behind the operation.