NCC Group has reported that the Black Basta ransomware group has formed an alliance with QBot for lateral movement across the target network. Additionally, the attackers were spotted using Cobalt Strike beacons during the compromise. QBot is still propagated via malicious emails, users should stay alert while opening attachments from unknown users.