Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎08-03-2023 04:35 PM
‎08-03-2023 04:35 PM

Russia-backed hackers used Microsoft Teams to breach government agencies

Hi All

 

A touch on Humint and Sigint.....  By the Russians on Microsoft Teams....

 

https://techcrunch.com/2023/08/03/russia-hackers-microsoft-teams-government/

 

“If the target user accepts the message request, the user then receives a Microsoft Teams message from the attacker attempting to convince them to enter a code into the Microsoft Authenticator app on their mobile device,” Microsoft said. If the victim follows these instructions, the hacker is able to gain full access to the users’ account.

 

Microsoft says it has mitigated the hacking group from using the domains and “continues to investigate this activity,” including the hackers’ precursory attacks to compromise legitimate Azure tenants and the use of homoglyph domains — domains that take advantage of similarities in font letters to impersonate legitimate domains — in social engineering campaigns.

 

Now think of the implications...

 

Regards

 

Caute_Cautim

Reply
1 Reply
phr
Newcomer I
‎08-14-2023 04:41 PM
‎08-14-2023 04:41 PM

It is very possible that more than one IT administrator or who has a range of permissions over your organization's infrastructure falls for this.

 

It is common to see attacks of this type when looking for job offers or being in the application process itself.

 

PHR

Reply