Security News > 2024 > February > 5 Steps to Improve Your Security Posture in Microsoft Teams
The cybersecurity risks of SaaS chat apps, such as Microsoft Teams or Slack, often go underestimated.
In the most recently reported case, AT&T Cybersecurity discovered phishing conducted against its Managed Detection and Response customers over Microsoft Teams in a DarkGate malware attack.
If external communication through Teams is required, enable access only for specific domains that regularly interact with users through Teams, to strike a balance between the organization's communication needs and its security.
In the Microsoft Teams Admin Center, under teams policy, toggle "Invite external users to shared channels" to off.
In the Microsoft Teams External Access configurations, disable "External users with Teams accounts not managed by an organization can contact users in my organization." By limiting who can start conversations, you reduce the likelihood of unauthorized access and communication.
Implementing the recommended remediation measures will contribute to a more secure Microsoft Teams environment, safeguarding your organization and its sensitive data from malicious actors.
News URL
Related news
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Fleet: Open-source platform for IT and security teams (source)
- Ransomware attackers are “vishing” organizations via Microsoft Teams (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- Microsoft: January Windows security updates break audio playback (source)