Posts: 3,726
Threads: 876
Thanks Received: 8,708 in 3,417 posts
Thanks Given: 8,298
Joined: Jul 2018
Reputation:
361
Quote:Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.
In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday. “Using an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,” cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. “By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.”
Once an attacker gains access to Teams, it’s fairly easy to navigate and slip past any security protections, he noted. This is because “default Teams protections are lacking, as scanning for malicious links and files is limited,” and “many email security solutions do not offer robust protection for Teams,” Fuchs wrote.
Another reason Teams is easy for hackers to compromise is that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it, he said. “For example, an Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,” Fuchs wrote. “Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams.” Further, nearly every Teams user can invite people from other departments or other companies to collaborate via the platform, and there is often “minimal oversight” over these requests because of the trust people have
Source https://threatpost.com/microsoft-teams-t...ns/178497/
Posts: 348
Threads: 68
Thanks Received: 440 in 192 posts
Thanks Given: 813
Joined: Sep 2015
Reputation:
7
Need to wall off Internet from China and Russia.
(02-20-2022 , 06:06 AM)Mohammad.Poorya Wrote: Quote:Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.
In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday. “Using an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,” cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. “By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.”
Once an attacker gains access to Teams, it’s fairly easy to navigate and slip past any security protections, he noted. This is because “default Teams protections are lacking, as scanning for malicious links and files is limited,” and “many email security solutions do not offer robust protection for Teams,” Fuchs wrote.
Another reason Teams is easy for hackers to compromise is that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it, he said. “For example, an Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,” Fuchs wrote. “Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams.” Further, nearly every Teams user can invite people from other departments or other companies to collaborate via the platform, and there is often “minimal oversight” over these requests because of the trust people have
Source https://threatpost.com/microsoft-teams-t...ns/178497/
|