Microsoft Teams vulnerability patched, could lead to account takeover


Microsoft’s Teams collaboration platform contains a vulnerability that can be exploited with a malicious GIF enabling an attacker to take over a company’s Teams accounts.

The issue resides in two Teams sub-domains that were vulnerable to takeover, aadsync-test.teams.microsoft.com and data-dev.teams.microsoft.com, said CyberArk researchers. Once a sub-domain is taken over, the attacker can use it to obtain a legitimate certificate, eventually allowing the threat actor to access a company’s Teams account base, scrape data or take over accounts.

“If an attacker can somehow force a user to visit the sub-domains that have been taken over, the victim’s browser will send this cookie to the attacker’s server and the attacker (after receiving the authtoken) can create a skype token. After doing all of this, the attacker can steal the victim’s Teams account data,” the researchers said.

CyberArk notified Microsoft of the issue, and a patch has been issued.

The trick an attacker can use is a malicious GIF rather than a plain link, which many people now know not to click. The process starts by sending the victim an image via Teams chat whose “src” attribute points at the compromised sub-domain. When the target opens the message, the victim’s browser tries to load the image, which sends the authtoken cookie to the compromised sub-domain and thus to the attacker controlling it. Ultimately this gives the attacker a pathway to scrape all of the victim’s data.
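As an added defender's-side illustration (not CyberArk's or Microsoft's code), the Python below shows why the image trick works and how a message-scanning check could flag it: a cookie scoped to a parent domain is sent by the browser to every sub-domain, so a chat image whose src points at an unexpected sub-domain deserves attention, while an image on an unrelated external host never receives that cookie. The cookie scope, the allowlist and the sample messages are constructed assumptions for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed parent domain of the session cookie; illustrative, not a claim about Teams' real cookie attributes.
COOKIE_DOMAIN = "teams.microsoft.com"

# Hypothetical allowlist of hosts that legitimately serve chat images.
ALLOWED_IMAGE_HOSTS = {"teams.microsoft.com", "img.teams.microsoft.com"}

# Constructed chat messages (not real Teams traffic) used as sample input.
SAMPLE_MESSAGES = {
    "benign": '<p>see attached</p><img src="https://img.teams.microsoft.com/cat.gif">',
    "suspicious": '<img src="https://data-dev.teams.microsoft.com/x.gif" alt="lol">',
    "external": '<img src="https://example.org/pic.gif">',
}


def cookie_would_be_sent(cookie_domain: str, host: str) -> bool:
    """RFC 6265 domain-match: a cookie with Domain=cookie_domain is sent to
    cookie_domain itself and to every host below it (any sub-domain)."""
    cookie_domain = cookie_domain.lstrip(".").lower()
    host = host.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)


class _ImgSrcCollector(HTMLParser):
    """Collects the src attribute of every <img> tag in a message body."""

    def __init__(self) -> None:
        super().__init__()
        self.srcs: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img":
            for name, value in attrs:
                if name.lower() == "src" and value:
                    self.srcs.append(value)


def flag_risky_images(message_html: str, cookie_domain: str = COOKIE_DOMAIN,
                      allowed=ALLOWED_IMAGE_HOSTS) -> list[str]:
    """Return image hosts that would receive the parent-domain cookie
    but are not on the allowlist, e.g. a sub-domain somebody else controls."""
    parser = _ImgSrcCollector()
    parser.feed(message_html)
    flagged = []
    for src in parser.srcs:
        host = urlparse(src).hostname
        if not host:
            continue  # relative URL: loads from the chat client's own origin
        if cookie_would_be_sent(cookie_domain, host) and host not in allowed:
            flagged.append(host)
    return flagged
```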
