Are you prepared for Storm-0324, an active cyber-crime group that infiltrates networks and acts as a distributor for other attack payloads, including ransomware and infostealer payloads. <\/p>\n
Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool to send phishing lures through Microsoft Teams chats. <\/p>\n
Because Storm-0324 hands off access to other threat actors, identifying and remediating Storm-0324 activity can prevent more dangerous follow-on attacks like ransomware. <\/p>\n
In this blog, we provide a comprehensive analysis of Storm-0324\u2014a cyber-criminal group\u2014and their established tools, tactics, and procedures (TTPs) as well as their more recent attacks. <\/p>\n
To defend against this threat actor, Microsoft customers can use Microsoft 365 Defender to detect Storm-0324 activity and significantly limit the impact of these attacks on networks. <\/p>\n
Read this Microsoft article to find out how to defend against this complex threat.<\/p>\n