Headlines

Microsoft Teams’ Security Features Under Scrutiny As Cyberattacks Increase

Microsoft Teams' Security Features Under Scrutiny As Cyberattacks Increasemicrosoftteams,securityfeatures,scrutiny,cyberattacks,increase

Microsoft Teams Faces Scrutiny over Cybersecurity Features

Introduction

Internet security has become a crucial aspect of online communication, especially in business environments. As a result, hackers have been on the prowl trying to find vulnerabilities that they can exploit to gain access to sensitive information. Recently, cybersecurity researchers identified several ways that hackers could use Microsoft Teams functionalities to phish users or deliver malware to their computers without their knowledge.

Microsoft Teams and Its Vulnerabilities

According to a report by Proofpoint, hackers could potentially trigger a malicious payload or redirect users to malicious sites using tabs in the Teams user interface—without leaving any trace. By meeting invites or messages, hackers could replace legitimate URLs with malicious ones. These risky Teams functionalities provide an almost perfect attack platform for threat actors to target victims without being detected.

However, all of the scenarios mentioned above require an attacker to have a compromised account or session token at hand to execute. Hackers have long been targeting and cracking enterprise Teams environments, with about 60% of Microsoft 365 tenants subject to at least one successful account takeover incident in 2021. Teams was the tenth most-targeted sign-in application with 39% of targeted organizations experiencing at least one unauthorized, malicious login attempt.

Teams’ Tabs Problem

Teams tabs may point to applications, websites, and files, making them vulnerable to attacks. A malicious user could create a new tab to point to a malicious domain, rename it to deceive users, and reposition it to break Teams’ conventions. A hacker could create a tab pointing to a malicious URL, rename it “Files,” and reposition it to supersede the legitimate “Files” tab in a user’s chat window. This could be attractive to attackers since a website tab’s URL is not visible to users until they visit the tab’s “settings” menu. Hackers could simply point their tab to a malicious file, and Teams would automatically download it to the user’s device without any questions asked.

Modifying Links in Meetings and Messages

Attendees in Teams meetings can sabotage auto-generated meeting links found in calendar invites, swapping them out with malicious ones using API calls. Since meeting links tend to be busy, victims may have a hard time identifying the difference. In addition, they can manipulate hyperlinks in chat messages, modifying the underlying URL to point somewhere malicious. A simple script run by attackers using Teams API could retroactively weaponize countless URLs within seconds.

Solutions to the Problem

Business users often share highly sensitive information and documents on Teams, making the consequences of compromise high. Organizations can make informed decisions by increasing transparency about the inherent risks of using first-party applications such as Teams. This may include making “hidden” URLs more accessible, adding and strengthening security measures to block automatic redirection to unwanted websites, and automatic file downloads.

Conclusion

In conclusion, hackers will continue to find ways to exploit vulnerabilities in Teams’ functions. Organizations must implement and improve security measures to prevent cyber attacks. Microsoft encourages users to observe best practices such as embracing the Zero Trust Security model, managing security, antivirus updates, and adopting robust strategies for authentication. Internet security should not be taken for granted, and business organizations must continue to scrutinize the security features of all their communication platforms.

Cybersecurity.-microsoftteams,securityfeatures,scrutiny,cyberattacks,increase


Microsoft Teams
<< photo by ThisIsEngineering >>

You might want to read !