Security News > 2020 > April > Microsoft Teams Vulnerability Exposed Organizations to Attacks

The attacker can use this method to read the user's Teams messages, send messages on their behalf, create groups, add or remove users from a group, and change group permissions.
The entire attack can be automated, allowing malicious actors to spread through an organization like a worm by using compromised accounts to send the malicious GIF to other Teams users.
The cybersecurity firm told SecurityWeek that it believes the attack still works if someone is able to find Teams subdomains that can be hijacked.
To launch an attack such as the one described by CyberArk, the attacker also needs to obtain access to a Teams account from which they can start sending malicious links or GIFs in order to spread within an organization.
If an attacker can convince the target to invite them to a job interview on Teams.