The latest version of Microsoft Teams had a security flaw uncovered recently.
Due to this flaw, there is a possibility for malware to be injected into organizations that rely on the default configuration of Microsoft Teams.
Successful exploitation of this vulnerability enables the threat actors to evade the client-side security controls. This security feature prohibits users outside the organization from sending any file to the organization’s internal users.
How?
Attackers easily infect organizations using Microsoft Teams by bypassing security measures and anti-phishing training, exploiting the default configuration of it.
By registering a domain similar to the target’s Microsoft 365, the attacker can create messages that appear internal rather than external, increasing the chance of the target downloading the file without suspicion.
Microsofts Response...
Researchers notified Microsoft of their findings, expecting an immediate response due to the considerable impact observed.
Despite Microsoft acknowledging the flaw’s existence, its response indicated that it does not meet the threshold for immediate action, implying a lack of urgency to address the issue.
What You Can Do?
To minimize risk, organizations utilizing Microsoft Teams without requiring regular communication with external users should disable this feature.
If you need assistance in completing this and would us to check over your current configuration or if you think members of your team wouldn't be able to recognise if someone trying to contact isn't genuine then we do also offer Cyber Security Awareness Training.
Please feel free to get in touch to discuss either option.