Microsoft Teams Bug Allows Malware Delivery From External Accounts

[ad_1]

Microsoft Teams has a vulnerability that could see it being abused as a vector for delivering malware.

Security researchers at Jumpsec discovered a way to use the video conferencing software to inject malware into an organization’s network from a Teams account that is outside of the organization in question.

Using default configurations, the attack leverages the ability of an organization’s Microsoft Teams client to accept communications from ‘external tenants’ – those using Teams accounts from outside the company.

External communications

The Jumpsec report notes that while this exploit can be used to perpetrate social engineering and phishing attacks, it can also be used to send malware payloads to another inbox, despite Teams having protections to block files coming from external tenants.

The researchers found a way to bypass these restrictions, by altering the recipient ID both internally and externally in the POST request of a message, tricking Teams into thinking an external account is actually internal.

During their tests, the researchers were able to successfully deliver a command and control payload into another organization’s inbox, as part of a covert operation.

There is no need to bother with crafting a convincing phishing message to lure the victim, and if the threat actor were to register a domain similar to the target’s, then it may fool workers into thinking the link came from within the company, and therefore safe to download.

After reporting the exploit to Microsoft, the tech giant responded that “it does not meet the bar for immediate servicing,” signifying the relatively low risk it thinks it poses. It has not yet confirmed when it will likely provide a patch.

Communication with external tenants can be disabled by navigating to the Microsoft Teams Admin Center and then to External Access. If you do not wish to block all external communications, then you can choose to communicate with trusted domains only by adding them to the allow list.

The researchers also submitted their findings to the Microsoft Teams feedback portal, where users can up-vote the post in the hope of pressing Microsoft to attend to the issue quicker.

[ad_2]
#Microsoft #Teams #bug #malware #delivery #external #accounts

Microsoft Teams bug allows malware delivery from external accounts

Leave a Comment Cancel reply

Product Highlight

Recent Posts

SSC all exams, links is here

Beat the blackout: A citizen`s guide to load management as extreme heatwaves overload India`s power transformers

Calcutta HC orders fresh CBI SIT probe into RG Kar rape case `cover-up` claims

Forget just water: The AYUSH guide to `electrolyte-rich`, cooling and hydrating foods for 45°C summer

IMD heatwave alert: 45°C temperature to grip north and east India for next 7 days

Punjab govt`s Sehat Yojana saves woman in critical diabetic emergency

2019 Pulwama terror attack mastermind Hamza Burhan killed by unknown gunmen in PoK

`Cockroaches don`t die!`: Viral Cockroach Janta Party launches defiant new handle after original account withheld by X

Essel Group will remain dedicated to nation for next 100 years, says Dr. Subhash Chandra on 100th Anniversary of Essel Group

Ebola outbreak scare: Delhi airport issues urgent travel advisory; India-Africa summit postponed

Jagan Mohan Reddy accuses CM Chandrababu Naidu of misleading people over Amaravati

Welcome

Categorys

Site Links