Hackers Use Microsoft Teams to Break In - VPN Ransomware Surge - KPMG 2026 Warning

Описание: A new type of cyberattack is bypassing every security tool you’ve invested in — and it starts with a simple Microsoft Teams message.

No malware. No exploit. No zero-day.

Just someone pretending to be IT support.

At the same time, new data shows 73% of ransomware attacks are now entering through VPNs, and small businesses are absorbing an average of $422,000 per incident. Meanwhile, KPMG just released its 8 cybersecurity priorities for 2026, sending a clear message to executives: the biggest risk isn’t technology — it’s leadership.

On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three critical developments every business leader needs to understand right now.

🔥 This Week’s Cybersecurity Breakdown

1. Microsoft Teams Hack (UNC6692 Attack Campaign)
Hackers are impersonating IT support inside Microsoft Teams to gain access to enterprise environments.

No software vulnerability exploited
Targets C-suite and senior leadership (77% of victims)
Uses legitimate platforms like AWS and Heroku to evade detection

2. VPNs Are Now the Front Door for Ransomware (At-Bay 2026 Report)
New insurance data reveals a sharp increase in ransomware attacks targeting VPN infrastructure:

73% of attacks originate through VPNs
60% of victims had EDR deployed — and still got hit
SonicWall vulnerabilities linked to a significant percentage of attacks
Average loss: $422,000 for SMBs

3. KPMG’s 8 Cybersecurity Priorities for 2026
A strategic warning for boards, CEOs, and executives:

AI is now an attack surface
Non-human identities (APIs, service accounts) are a major blind spot
Supply chain attacks are becoming the primary entry point
Cybersecurity is no longer an IT issue — it’s a leadership responsibility
🧠 The Bottom Line

The biggest cybersecurity gap today isn’t technical.

It’s leadership.

You can’t patch employee trust
You can’t rely on tools without oversight
You can’t delegate cyber risk and expect protection

If you’re running a business, this is required awareness.

Support the show:
buymeacoffee.com/securitysquawk

Subscribe for weekly breakdowns of real-world cyber threats, ransomware trends, and executive-level security insights.