Zoom video conferencing tool has been facing security and vulnerability issues since the beginning of the Coronavirus pandemic but this time Microsoft’s very own Microsoft Teams service was exposed to account take over vulnerability.
Microsoft Teams is a workplace collaboration and communication platform that allows organizations to communicate via video conferencing, store files, initiate chat, and integrate applications simultaneously. It has emerged as a very useful and productive medium of communication in recent times, specifically nowadays when the world is held hostage to the COVID-19 pandemic.
However, this very aspect is in itself a great threat to organizational data safety as none of the applications currently available are free from security loopholes, and the same is the case with Microsoft Teams.
See: Hackers Hide Monero Cryptominer in Scarlett Johansson’s Picture
Reportedly, CyberArk’s researchers identified a worm-like vulnerability in Microsoft Teams, which hackers could exploit to hijack an entire roaster of MS Teams accounts at an organization by sending malicious URLs or GIF images to Teams users.
The vulnerability is related to the way MS Teams processes authentication access tokens and passes them to resources containing images. If an attacker manages to create a GIF file or URL, Teams will send the authentication token to the attacker’s server while processing it.
Support the originator by clicking the read the rest link below.
