Security News > 2024 > February > 5 Steps to Improve Your Security Posture in Microsoft Teams
The cybersecurity risks of SaaS chat apps, such as Microsoft Teams or Slack, often go underestimated.
In the most recently reported case, AT&T Cybersecurity discovered phishing conducted against its Managed Detection and Response customers over Microsoft Teams in a DarkGate malware attack.
If external communication through Teams is required, enable access only for specific domains that regularly interact with users through Teams, to strike a balance between the organization's communication needs and its security.
In the Microsoft Teams Admin Center, under teams policy, toggle "Invite external users to shared channels" to off.
In the Microsoft Teams External Access configurations, disable "External users with Teams accounts not managed by an organization can contact users in my organization." By limiting who can start conversations, you reduce the likelihood of unauthorized access and communication.
Implementing the recommended remediation measures will contribute to a more secure Microsoft Teams environment, safeguarding your organization and its sensitive data from malicious actors.
News URL
Related news
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft overhauls security for publishing Edge extensions (source)
- SOC teams are frustrated with their security tools (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Black Basta poses as IT support on Microsoft Teams to breach networks (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)