Security News > 2020 > May > News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks
A Microsoft vulnerability found in Microsoft Teams that could have allowed an inside attacker to weaponize a single GIF image and use it to pilfer data from targeted systems and take over all of an organization's Teams accounts.
The phishing campaign used a ton of different Microsoft file sharing platforms including Microsoft Sway, which if you guys don't know what that is, it's basically Microsoft's platform for newsletters and presentations.
This attack specifically was using Microsoft Teams - CyberArk was the research company that developed a proof of concept behind this type of attack - And essentially what it was, was that Microsoft Teams uses a sophisticated sort of authentication mechanism to be able to make sure that when you send either a link to somebody on Teams, or you send a GIF and I do call them GIFs not GIFs.
Anyways, if you send an image or a GIF on Microsoft Teams CyberArk found that when the image, the GIF image was delivered to a Microsoft Teams person, because of this authentication mechanism that Microsoft has.
Then you know, you can imagine the lateral types of attacks, or the types of attacks that would be a springboard for further attacks and further compromises.
News URL
https://threatpost.com/news-wrap-microsoft-sway-phish-malicious-gif-and-spyware-attacks/155401/
Related news
- Black Basta operators phish employees via Microsoft Teams (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)