all InfoSec news
Malware delivery to Microsoft Teams users made easy
Help Net Security www.helpnetsecurity.com
A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default configuration lets external tenants (i.e., M365 users outside the organization) message an organization’s employees. The same configuration doesn’t allow external tenants to send files, but that restriction can be bypassed by switching the internal … More
The post …
alex attackers collaboration configuration default delivery don't miss employees enterprise exploited external hot stuff jumpsec m365 malware message microsoft microsoft 365 microsoft teams organization red team researchers smbs target teams teamsphisher tool vulnerability