Microsoft Teams Vulnerability Exposed Organizations to Attacks (Security News, April 2020)
The attacker can use this method to read the user's Teams messages, send messages on their behalf, create groups, add or remove users from a group, and change group permissions.
The entire attack can be automated, allowing malicious actors to spread through an organization like a worm by using compromised accounts to send the malicious GIF to other Teams users.
The cybersecurity firm told SecurityWeek that it believes the attack still works if someone is able to find Teams subdomains that can be hijacked.
To launch an attack such as the one described by CyberArk, the attacker also needs to somehow obtain access to a Teams account from which they can start sending malicious links or GIFs in order to spread within an organization.
If an attacker can convince the target to invite them to a job interview on Teams.