1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • The US Navy has hacked Microsoft Teams to send malware

    From TechnologyDaily@1337:1/100 to All on Thu Jul 6 16:45:04 2023
    The US Navy has hacked Microsoft Teams to send malware

    Date:
    Thu, 06 Jul 2023 15:31:51 +0000

    Description:
    The red team at the US Navy has developed a tool that could spell danger for business users of Microsoft Teams.

    FULL STORY ======================================================================

    Security experts at the US Navy have developed a tool to exploit a recently discovered flaw in Microsoft Teams .

    Last month, the video conferencing software was found to have bug which allowed files sent from external accounts to be received into an organization's inbox, something that is supposed to be prohibited.

    The red team at the US Navy has made a tool called TeamsPhisherthat makes use of this flaw, which involves simply changing the ID in the POST request of a message to make Teams think that the external file send has actually come
    from an internal account, and is therefore accepted. TeamsPhisher

    Written in Python , the tool can carry out attacks with full autonomy. All
    the user has to do is write the accompanying message, attach the file and
    give it a list of targets to hit. It will work out which targets have
    external message reception turned on and only attack those, as this has to be enabled for the attack to work.

    Another trick it uses is to make the new thread with the user a group chat by including the target's email twice. According to the description on the
    tool's GitHub page, this will, "bypass the "Someone outside your organization messaged you, are you sure you want to view it" splash screen that can give our targets reason for pause." read more

    What is phishing and how dangerous is it?



    These are the best online collaboration tools around



    Microsoft Teams will soon hide evidence of your biggest video call mistakes

    The message is sent to the user and the attachment will be linked in the user's Sharepoint.

    TeamsPhisher also requires the targets to have Microsoft Business accounts with a Teams and Sharepoint license, which many companies who use Teams will. The tool can also delay messages to prevent running up against rate limits,
    as well as write its outputs to a log file.

    A threat actor could use TeamsPhisher to deliver malware to Teams users who have external messaging turned on. Microsoft has not yet fixed the issue, and said that it isn't even serious enough to merit immediate attention from the company.

    It also said that it is aware of the new TeamsPhisher tool and notes that it relies on social engineering to work, so is advising users merely to be cautious when receiving any links or attachments.

    Users can disable external messages by navigating to the Microsoft Teams
    Admin Center and then to External Access. If users do not wish to block all external communications, then they can choose to communicate with trusted domains only by adding them to the allow list. Here is the best endpoint protection for your business



    ======================================================================
    Link to news story: https://www.techradar.com/pro/the-us-navy-has-hacked-microsoft-teams-to-send-m alware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)