Security News > 2021 > June > Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Such attacks could be carried out via a malicious Microsoft Teams tab and Power Automate flows, Grant explained.
Ca organization - can create a malicious Teams tab and use it to "Eventually steal emails, Teams messages and files from gooduser(at)fakecorp.ca, and send emails and messages on their behalf."
As Grant detailed, Microsoft Teams has a default feature that allows a user to launch small apps as a tab in any team they belong to.
If a given user is part of an Office 365/Teams organization with a Business Basic license or above, they can also access a set of Teams tabs that consist of Microsoft Power Apps applications.
When a user launches their first Power App tab, it creates what Microsoft calls a "Dataverse for Teams Environment," which Microsoft says is used to store, manage and share team-specific data, apps and flows.
Teams tabs generally open an iFrame to a page that the app's manifest lists as a trusted domain.
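The trusted-domain relationship described above can be audited from the defender's side. The following is an added example, not code from the article or from Microsoft: it checks that every tab URL in a Teams app manifest is HTTPS and that its host matches a `validDomains` entry exactly or by a single-label wildcard. The sample manifest and its domains are constructed, and the single-label wildcard rule is this example's conservative assumption.

```python
import json
from urllib.parse import urlsplit

# Constructed sample manifest (not from the article). Field names follow the
# Teams app manifest: validDomains, staticTabs[].contentUrl,
# configurableTabs[].configurationUrl.
SAMPLE_MANIFEST = json.loads("""{
  "validDomains": ["apps.example.com", "*.contoso.example"],
  "staticTabs": [
    {"entityId": "home", "contentUrl": "https://apps.example.com/tab"},
    {"entityId": "lookalike", "contentUrl": "https://apps.example.com.evil.example/tab"},
    {"entityId": "plain", "contentUrl": "http://apps.example.com/tab"}],
  "configurableTabs": [{"configurationUrl": "https://cfg.contoso.example/setup"}]
}""")

def host_allowed(host, valid_domains):
    """Exact host match, or '*.' wildcard covering exactly one DNS label."""
    host = host.lower().rstrip(".")
    for entry in valid_domains:
        entry = entry.lower()
        if entry.startswith("*."):
            suffix = entry[1:]                 # e.g. ".contoso.example"
            label = host[:-len(suffix)]        # part the wildcard would cover
            if host.endswith(suffix) and label and "." not in label:
                return True
        elif host == entry:                    # never prefix or substring match
            return True
    return False

def audit_manifest(manifest):
    """Return (tab id, url, reason) for every tab URL that needs review."""
    valid = manifest.get("validDomains", [])
    tabs = [(t.get("entityId", "static"), t.get("contentUrl"))
            for t in manifest.get("staticTabs", [])]
    tabs += [("configurable", t.get("configurationUrl"))
             for t in manifest.get("configurableTabs", [])]
    findings = []
    for tab_id, url in tabs:
        parts = urlsplit(url or "")
        if parts.scheme != "https":
            findings.append((tab_id, url, "not https"))
        elif not host_allowed(parts.hostname or "", valid):
            findings.append((tab_id, url, "host not in validDomains"))
    return findings

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print(finding)
```

The lookalike host is flagged because the comparison is made on the parsed hostname rather than on a string prefix of the URL.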
News URL
https://threatpost.com/microsoft-teams-tabs-bec/166909/