Security News > 2021 > June > Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Such attacks could be carried out via a malicious Microsoft Teams tab and Power Automate flows, Grant explained.
Ca organization - can create a malicious Teams tab and use it to "Eventually steal emails, Teams messages and files from gooduser(at)fakecorp.ca, and send emails and messages on their behalf."
As Grant detailed, Microsoft Teams has a default feature that allows a user to launch small apps as a tab in any team they belong to.
If a given user is part of an Office 365/Teams organization with a Business Basic license or above, they can also access a set of Teams tabs that consist of Microsoft Power Apps applications.
When a user launches their first Power App tab, it creates what Microsoft calls a "Dataverse for Teams Environment," which Microsoft says is used to store, manage and share team-specific data, apps and flows.
Teams tabs generally open an iFrame to a page that the app's manifest lists as a trusted domain.
News URL
https://threatpost.com/microsoft-teams-tabs-bec/166909/
Related news
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Black Basta poses as IT support on Microsoft Teams to breach networks (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)
- Black Basta operators phish employees via Microsoft Teams (source)
- Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)