Microsoft Teams Archives - Cyber Security Minute

DarkGate Operator Uses Skype, Teams Messages to Distribute Malware

Issued by: Dark Reading

A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a troublesome loader associated with multiple malicious activities, including information theft, keylogging, cryptocurrency miners, and ransomware such as Black Basta. Forty-one percent of the targets of the campaign — which appears to have begun in August — are organizations in the…

Network Security

Organizations Can Now Try Out End-to-End Encrypted Microsoft Teams Calls

Issued by: Security Week

First announced at the tech giant’s Ignite event in March, end-to-end encryption (E2EE) for one-to-one Teams calls is now rolling out to public preview. Organizations can take advantage of the new capability, but IT admins and users will have to manually enable it. When E2EE is used, conversations are encrypted in a way that prevents…

Vulnerabilities

Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits

Issued by: Security Week

Over the course of three days, participants made 23 attempts, targeting Safari, Chrome, Edge, Windows 10, Ubuntu, Microsoft Teams, Zoom, Parallels, Oracle VirtualBox, and Microsoft Exchange. Oracle VirtualBox was only targeted by one team and their attempt failed. The other products were all hacked by at least one team. Results from Pwn2Own 2021The highest rewards…

Software Security

Securing Microsoft Teams: The options are limited

Issued by: CSO

As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. Teams already has had one major exploit that would allow a malicious actor to use the Microsoft Teams Updater to download any…

Vulnerabilities

Microsoft Teams Vulnerability Exposed Organizations to Attacks

Issued by: Security Week

Sending the malicious link or image was simple, but preparing the attack involved multiple steps that would be difficult to achieve for unsophisticated attackers. “We addressed the issue discussed in this blog and worked with the researcher under Coordinated Vulnerability Disclosure. While we have not seen any use of this technique in the wild, we…