Security News > 2024 > February > 5 Steps to Improve Your Security Posture in Microsoft Teams
The cybersecurity risks of SaaS chat apps, such as Microsoft Teams or Slack, often go underestimated.
In the most recently reported case, AT&T Cybersecurity discovered phishing conducted against its Managed Detection and Response customers over Microsoft Teams in a DarkGate malware attack.
If external communication through Teams is required, enable access only for specific domains that regularly interact with users through Teams, to strike a balance between the organization's communication needs and its security.
In the Microsoft Teams Admin Center, under teams policy, toggle "Invite external users to shared channels" to off.
In the Microsoft Teams External Access configurations, disable "External users with Teams accounts not managed by an organization can contact users in my organization." By limiting who can start conversations, you reduce the likelihood of unauthorized access and communication.
Implementing the recommended remediation measures will contribute to a more secure Microsoft Teams environment, safeguarding your organization and its sensitive data from malicious actors.
News URL
Related news
- New Microsoft 365 outage impacts Teams, causes call failures (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- 53% of security teams lack continuous and up-to-date visibility (source)
- AI agents swarm Microsoft Security Copilot (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)