> TritonInfoSec News
Home / Jun 17, 2026 / Story
0
#8 BleepingComputer general June 16, 2026 at 10:18 UTC

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

By Bill Toulas

AI Summary

DragonForce ransomware group deployed a custom malware named 'Backdoor.Turn' that tunnels C2 traffic through Microsoft Teams relay infrastructure, effectively masking malicious communications within legitimate enterprise traffic. This technique complicates network-based detection since traffic originates from trusted Microsoft IP ranges used by Teams.

Read full article → https://www.bleepingcomputer.com/news/security/ran…

Relevance score: 78.0/100

# More from June 17

  1. 1
    Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week The Hacker News
  2. 2
    China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth The Hacker News
  3. 3
    Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw The Hacker News
  4. 4
    Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails The Hacker News
  5. 5
    One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes The Hacker News
  6. 6
    Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages SecurityWeek
  7. 7
    CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation The Hacker News
  8. 9
    Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware The Hacker News
  9. 10
    OptinMonster WordPress plugin hacked in CDN supply-chain attack BleepingComputer