Security News
Luckily, there's a new eBook dedicated to helping small security teams better understand cyber insurance policies and how they may impact an organization's cybersecurity measures. Organizations with even the smallest cybersecurity teams are now looking at cyber insurance to protect their businesses from cyber-attacks.
In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with...
Hornetsecurity has found an urgent need for greater backup for Microsoft Teams with 45% of users sending confidential and critical information frequently via the platform. Users sharing confidential and sensitive information via Teams.
X-Force saw a nearly 25 percent jump in the number of incidents its IR team responded to from 2020 to 2021. It's a global issue, and as such IBM Security wanted to encourage "An industry-wide recognition and celebration of incident responders," Dine said.
Microsoft is working on updating Microsoft Defender for Office 365 to allow Microsoft Teams users to alert their organization's security team of any dodgy messages they receive.Microsoft Defender for Office 365 protects organizations from malicious threats from email messages, links, and collaboration tools.
Infosec teams require nimble security tools to operate in realistic conditions, which may involve thousands of simultaneous events. In this Help Net Security video, Leonid Belkind, CTO at Torq, discusses parallel execution, which enables security operations professionals to execute more tasks simultaneously to enrich, analyze, contain, and resolve security threats.
Microsoft is investigating a known issue affecting Outlook for Microsoft 365 users and preventing them from creating Teams meetings using the app's ribbon menu. The Teams Meeting add-in, as its name says, can be found in the Calendar view and it enables Outlook users to schedule a Teams meeting from Outlook.
The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that haven't been correctly set. Discovered by Bobby Rauch, the GIFShell attack technique enables bad actors to exploit several Microsoft Teams features to act as a C&C for malware, and exfiltrate data using GIFs without being detected by EDR and other network monitoring tools.
The survey also reveals agreement among C-suite executives that a shift left security strategy is a burden on dev teams. At the same time, C-suite executives overwhelmingly favor a shift left approach, a strategy of moving software testing and evaluation to earlier in the development lifecycle, placing the burden of compliance on development teams.
Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication turned on. The newly discovered security issue impacts versions of the application for Windows, Linux, and Mac and refers to Microsoft Teams storing user authentication tokens in clear text without protecting access to them.