Windows Quick Assist Anchors Black Basta Ransomware Gambit

Microsoft Threat Intelligence reports that the financially-motivated actor Storm-1811 is conducting a vishing and email-bombing campaign that socially engineers victims into granting remote access via Microsoft Quick Assist, then stages a multi-tool intrusion (Qakbot, Cobalt Strike, ScreenConnect, NetSupport Manager, PsExec, OpenSSH) culminating in Black Basta ransomware deployment; mitigations recommended include removing unnecessary remote-access tools, applying least privilege/zero-trust controls, and enhanced employee training.