Hi All
Don't you just love Microsoft applications?
A Microsoft Teams vulnerability allows adversaries to sidestep security controls to plant malware on targeted systems. The Teams attack vector was found by researchers who warn as traditional routes of infection, such as inboxes and websites, become more heavily scrutinised communications platforms such as Teams, Slack and Zoom are becoming a more attractive target.
Regards
Caute_Cautim
@Caute_cautim wrote:
A Microsoft Teams vulnerability allows adversaries to sidestep security controls to plant malware on targeted systems.
In the lexicon of the CVE, I'd call this an exposure and not a vulnerability. I don't know Teams well, but the big to-do here is that user A allows user B some collaborative access to A's company space. User B could then POST a payload/file to that space that looks like it came from the company, not an outside user. Maybe I am missing something here, but it seems as though User B is some sort of trusted user (i.e., a collaborator, not just some random Teams user).
I like the point of the article that all these services Teams, Slack, Zoom etc. are now vectors for malware. Frankly, I loathe them from a productivity standpoint. Email has been around for a long time. It has its problems, but we know them. It is standard, and we can work with it. A couple of amateur coders get an AWS account and a suite of emojiis, and people start hopping on the platform as the next great "productivity" tool. Really? OK I exaggerate a bit (it comes with being a curmudgeon), but the first step in security is reducing your attackable footprint. All these collaboration services not only expand your footprint, my guess is they also don't make you more productive as an enterprise either.