Single Malicious GIF Opened Microsoft Teams to Nasty Attack

27 April 2020

Microsoft has fixed a subdomain takeover vulnerability in its collaboration platform Microsoft Teams that could of allowed an inside attacker to weaponized a single GIF image and use it to pilfer data from targeted systems and take over all of an organization’s Teams accounts. The attack simply involved tricking a victim into viewing a malicious GIF image for it to work, according to researchers at CyberArk who also created a proof-of-concept (PoC) of the attack.

Read full article on Threat Post

Date:

27 April 2020

Categorie(s):

NEWS

Tag(s):

Access Tokens, Api, Attacks, Cloud Computing, Cloud Security

Akamai to acquire Noname Security for $450M to enhance API security offerings7 May 2024
Australia News live: Electric Fields crash out of Eurovision semi-final; half of NSW threatened species face extinction7 May 2024
#RSAC: Two-Thirds of Organizations Failing to Address AI Risks, ISACA Finds7 May 2024
Watch out for rogue DHCP servers decloaking your VPN connections7 May 2024
Major UK Security Provider Leaks Trove of Guard and Suspect Data7 May 2024