Ransomware groups identified as STAC5143 and STAC5777 have exploited Microsoft Office 365’s services and default settings to target enterprise users, according to an investigation by Sophos researchers. Microsoft Teams’ built-in remote control capabilities and default setting, which allows external users to contact internal users, were used to execute attacks. To prevent further attacks, organizations have been advised to restrict Teams calls from outside organizations and limit the use of remote access applications.

Rest, AustralianSuper Among Funds Hit By Cyberattack
Australia’s largest superannuation funds, including AustralianSuper, REST, Australian Retirement Trust, and Hostplus, have suffered from a coordinated cyber attack, with around 8,000 accounts breached. Hackers