Security Snapshot is now part of SurgeONE.ai Same experts, even more power.
< BACK TO BLOG

Not a Teams Player

May 30, 2023

Wondering how that odd file ended up in Teams for you to download?

Security researchers at JUMPSEC Labs have uncovered a way to exploit the Microsoft Teams External Tenants feature.   A bug in the latest version allows external sources to send files to an organization's employees even though the application is supposed to block such activity.

The default Microsoft Teams configuration allows users from outside the company to reach out to its employees but the ability for an external source to send a file via Teams is blocked.  The bug discovered by the researchers allows an attacker to bypass the file block and send malware laden files.

Precautions:

  1. Have staff treat files available via Teams just as they do email.  If you are not expecting it, verify.
  2. Don't ignore External content banners
  3. Be on the lookout for lookalike domains: myp1anningco.com  vs myplamingco.com vs myplanningco.com.  These can be particularly troublesome on smartphones.
  4. Hope Microsoft releases a bug fix sooner than later and when they do, apply the patch ASAP.

Sources: JUMPSEC Labs, DarkReading

Need Help Now?
sales@surgeone.ai
+1 650-294-8889
How it WorksOur ProcessPricing Options
What Our Clients SayWho We ServeCyber Bites
About usPrivacy policyContact Us
© Security Snapshot.
Privacy Policy | Master Services Agreement