CISObyte 04-29-2020
A vulnerability involving compromised subdomain hosting malicious GIFs has been patched in Microsoft Teams.
“All a user had to do was view the GIF to allow an attacker to scrape data from their account.”
I’ll go on forever preaching Patch Management, it may be the most banal task, but it is also one of the most important functions in establishing a hardened security posture. “As more and more business is conducted from remote locations, attackers are focusing their efforts on exploiting the key technologies – like Zoom and Microsoft Teams – that companies and their employees depend on to stay connected.” “The amount of data that goes into these applications is enormous and often includes confidential information from user names and passwords to top-secret business information – making them prime targets for attackers.” “While limiting your organization to internal communication will reduce your exposure, we found that it is still possible to communicate with an outsider and any interaction that includes a chat interface with an outsider is enough to be affected by this vulnerability.” “The victim sees a regular GIF sent to them –- that’s it!” “The victim will never know that they’ve been attacked, making the exploitation of this vulnerability stealthy and dangerous.”
- Vulnerability Management
- Microsoft
- Teams
- Patch Management
As more and more business is conducted from remote locations, attackers are focusing their efforts on exploiting the key technologies – like Zoom and Microsoft Teams – that companies and their employees depend on to stay connected.