Pierluigi Paganini February 17, 2022
Threat actors leverage Microsoft Teams to spread malware

Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. While the popularity of Microsoft Teams continues to grow, with roughly 270 million monthly active users, threat actors started using it as an attack vector. Starting in January 2022, security researchers from Avanan observed attackers compromising […]

Pierluigi Paganini December 23, 2021
Three trivial bugs in Microsoft Teams Software remain unpatched

Researchers disclosed four vulnerabilities in the Teams business communication software, but Microsoft will not address three of them. Researchers from cybersecurity firm Positive Security discovered four vulnerabilities in the Teams business communication software that could allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address, and triggering a […]

Pierluigi Paganini August 06, 2020
Hackers can abuse Microsoft Teams updater to deliver malicious payloads

Threat actors can abuse Microsoft Teams updater to retrieve and execute malicious code from a remote location. Security experts from Trustwave detailed the  Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server. The bad news is […]