Former Black Basta Members Continue to Use Email Bombing and Phishing Techniques

Former members associated with the Black Basta ransomware operation continue to employ email bombing and phishing techniques via Microsoft Teams to gain persistent access to targeted networks. According to a report by ReliaQuest, the attackers have recently introduced the execution of Python scripts alongside these techniques, using cURL requests to retrieve and deploy malicious payloads.