{"id":29574,"date":"2023-06-27T18:57:15","date_gmt":"2023-06-27T18:57:15","guid":{"rendered":"https:\/\/www.africa-press.net\/botswana\/?p=29574"},"modified":"2023-06-27T18:53:38","modified_gmt":"2023-06-27T18:53:38","slug":"security-research-says-microsoft-teams-susceptible-to-malware-attack","status":"publish","type":"post","link":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack","title":{"rendered":"Security Research Says Microsoft Teams Susceptible to Malware Attack"},"content":{"rendered":"<p><span style=\"color: #ff6600\"><strong>Africa-Press &#8211; Botswana. <\/strong><\/span><b>Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources.<\/b><\/p>\n<p>With 280 million monthly active users, Microsoft Teams has been adopted by organizations as a communication and collaboration platform part of the Microsoft 365 cloud-based services.<\/p>\n<p>Given the product\u2019s popularity with various organizations, Max Corbridge and Tom Ellson \u2013 members of the Red Team at UK-based security services company Jumpsec, poked around and discovered a way to deliver malware using Microsoft Teams with an account outside the target organization.<\/p>\n<p><b>Attack details<\/b><\/p>\n<p>The attack works with Microsoft Teams running the default configuration, which permits communication with Microsoft Teams accounts outside the company, typically referred to as \u201cexternal tenants.\u201d<\/p>\n<p>Corbridge explains in a report that while this communication bridge would be enough for social engineering and phishing attacks, the method they found is more powerful as it allows sending a malicious payload directly to a target inbox.<\/p>\n<p>Microsoft Teams has client-side protections in place to block file delivery from external tenant accounts.<\/p>\n<p>However, the two Jumpsec Red Team members found that they could go around the restriction by changing the internal and external recipient ID in the POST request of a message, thus fooling the system into treating an external user as an internal one.<\/p>\n<p>The researchers tested the technique in the field and were able to successfully deliver a command and control payload into a target organizations inbox, as part of a covert red team engagement.<\/p>\n<p>Attack example with the sender posing as a member of the IT team (Jumpsec)<\/p>\n<p>This attack bypasses existing security measures and anti-phishing training advice, giving attackers a fairly easy way to infect any organization using Microsoft Teams with its default configuration.<\/p>\n<p>Furthermore, if the attacker registers a domain similar to the target organizations on Microsoft 365, their messages could be made to appear as if they come from someone inside the organization, and not an external tenant, thus increasing the likelihood of the target downloading the file.<\/p>\n<p><b>Microsoft\u2019s response<\/b><\/p>\n<p>The researchers reported their findings to Microsoft, assuming that the impact was significant enough to guarantee an immediate response from the tech giant.<\/p>\n<p>Although Microsoft confirmed the existence of the flaw, the reply was that \u201cit does not meet the bar for immediate servicing,\u201d meaning that the company does not see an urgency in fixing it.<\/p>\n<p>BleepingComputer has also contacted Microsoft to ask when they plan to fix the issue and whether its severity has been reconsidered but we have not received a response by the time of publishing.<\/p>\n<p>The recommended action for organizations that use Microsoft Teams and do not need to maintain regular communication with external tenants is to disable this feature from \u201cMicrosoft Teams Admin Center &gt; External Access.\u201d<\/p>\n<p>If external channels of communication need to be maintained, organizations can define specific domains in an allow-list, to lower the risk of exploitation.<\/p>\n<p>Jumpsec\u2019s researchers also submitted a request to add external tenant-related events in the software\u2019s logging, which could help prevent attacks as they unfold, so vote this up if you want to contribute to pressing Microsoft to take action.<\/p>\n<p><strong>For More News And Analysis About <a href=\"https:\/\/www.africa-press.net\/botswana\">Botswana<\/a> Follow <a href=\"https:\/\/www.africa-press.net\/\">Africa-Press<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Africa-Press &#8211; Botswana. Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. With 280 million monthly active users, Microsoft Teams has been adopted by organizations as a communication and collaboration platform part of the Microsoft 365 cloud-based services. [&hellip;]<\/p>\n","protected":false},"author":84,"featured_media":29573,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,9],"tags":[233,237,234],"class_list":["post-29574","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-all-news","category-miscellaneous","tag-africa-press","tag-africa-press-botswana","tag-botswana"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.1 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Security Research Says Microsoft Teams Susceptible to Malware Attack - Botswana<\/title>\n<meta name=\"description\" content=\"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Research Says Microsoft Teams Susceptible to Malware Attack\" \/>\n<meta property=\"og:description\" content=\"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\" \/>\n<meta property=\"og:site_name\" content=\"Botswana\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/AfricaPressTunisiaa\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-27T18:57:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1421\" \/>\n\t<meta property=\"og:image:height\" content=\"904\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"cfeditoren\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"cfeditoren\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\"},\"author\":{\"name\":\"cfeditoren\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb\"},\"headline\":\"Security Research Says Microsoft Teams Susceptible to Malware Attack\",\"datePublished\":\"2023-06-27T18:57:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\"},\"wordCount\":544,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage\"},\"thumbnailUrl\":\"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg\",\"keywords\":[\"Africa Press\",\"Africa Press-Botswana\",\"Botswana\"],\"articleSection\":[\"all news\",\"miscellaneous\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\",\"url\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\",\"name\":\"Security Research Says Microsoft Teams Susceptible to Malware Attack - Botswana\",\"isPartOf\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage\"},\"thumbnailUrl\":\"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg\",\"datePublished\":\"2023-06-27T18:57:15+00:00\",\"author\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb\"},\"description\":\"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage\",\"url\":\"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg\",\"contentUrl\":\"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg\",\"width\":1421,\"height\":904,\"caption\":\"Security Research Says Microsoft Teams Susceptible to Malware Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.africa-press.net\/botswana\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Research Says Microsoft Teams Susceptible to Malware Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#website\",\"url\":\"https:\/\/www.africa-press.net\/botswana\/\",\"name\":\"Botswana\",\"description\":\"Just another Africa News Agency Sites site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.africa-press.net\/botswana\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb\",\"name\":\"cfeditoren\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7417380fa9e23b5c57fdbfdaf3fdf92ee478f759a084addda5faa3732853e74a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7417380fa9e23b5c57fdbfdaf3fdf92ee478f759a084addda5faa3732853e74a?s=96&d=mm&r=g\",\"caption\":\"cfeditoren\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Security Research Says Microsoft Teams Susceptible to Malware Attack - Botswana","description":"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack","og_locale":"en_US","og_type":"article","og_title":"Security Research Says Microsoft Teams Susceptible to Malware Attack","og_description":"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...","og_url":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack","og_site_name":"Botswana","article_publisher":"https:\/\/www.facebook.com\/AfricaPressTunisiaa","article_published_time":"2023-06-27T18:57:15+00:00","og_image":[{"width":1421,"height":904,"url":"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg","type":"image\/jpeg"}],"author":"cfeditoren","twitter_card":"summary_large_image","twitter_misc":{"Written by":"cfeditoren","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#article","isPartOf":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack"},"author":{"name":"cfeditoren","@id":"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb"},"headline":"Security Research Says Microsoft Teams Susceptible to Malware Attack","datePublished":"2023-06-27T18:57:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack"},"wordCount":544,"commentCount":0,"image":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage"},"thumbnailUrl":"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg","keywords":["Africa Press","Africa Press-Botswana","Botswana"],"articleSection":["all news","miscellaneous"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack","url":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack","name":"Security Research Says Microsoft Teams Susceptible to Malware Attack - Botswana","isPartOf":{"@id":"https:\/\/www.africa-press.net\/botswana\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage"},"image":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage"},"thumbnailUrl":"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg","datePublished":"2023-06-27T18:57:15+00:00","author":{"@id":"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb"},"description":"Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite rest ...","breadcrumb":{"@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#primaryimage","url":"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg","contentUrl":"https:\/\/static.africa-press.net\/botswana\/sites\/38\/2023\/06\/sm_1687874505.316366.jpg","width":1421,"height":904,"caption":"Security Research Says Microsoft Teams Susceptible to Malware Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/www.africa-press.net\/botswana\/all-news\/security-research-says-microsoft-teams-susceptible-to-malware-attack#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.africa-press.net\/botswana\/"},{"@type":"ListItem","position":2,"name":"Security Research Says Microsoft Teams Susceptible to Malware Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.africa-press.net\/botswana\/#website","url":"https:\/\/www.africa-press.net\/botswana\/","name":"Botswana","description":"Just another Africa News Agency Sites site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.africa-press.net\/botswana\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/068c7ab4e9634ae78ec5d54ec46598bb","name":"cfeditoren","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.africa-press.net\/botswana\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7417380fa9e23b5c57fdbfdaf3fdf92ee478f759a084addda5faa3732853e74a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7417380fa9e23b5c57fdbfdaf3fdf92ee478f759a084addda5faa3732853e74a?s=96&d=mm&r=g","caption":"cfeditoren"}}]}},"_links":{"self":[{"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/posts\/29574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/users\/84"}],"replies":[{"embeddable":true,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/comments?post=29574"}],"version-history":[{"count":0,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/posts\/29574\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/media\/29573"}],"wp:attachment":[{"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/media?parent=29574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/categories?post=29574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.africa-press.net\/botswana\/wp-json\/wp\/v2\/tags?post=29574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}