Once Microsoft finally closed the door on the Office macro the threat actors had to move on:
Microsoft Office Macros – The Good, The Bad and the Ugly – CyberAwake
OneNote was their first target:
Now OneNote is an attack vector | Smart Thinking Solutions
QakNote – OneNote malware now has name | Smart Thinking Solutions
Now Teams is in the firing line:
New tool exploits Microsoft Teams bug to send malware to users (bleepingcomputer.com)
I wrote about the flaw that is being exploited by the TeamsPhisher tool (produced by a cyber security researcher, a member of the US Navy Red Team), last month. At that time Microsoft has no plans to accelerate a patch for the issue! May be they will now?
Microsoft Teams – a way in for malicious software | Smart Thinking Solutions
Your takeaway
Make sure everyone knows that there is a risk when accepting files via Teams from people outside your organisation. The decision to accept and open a file should only be made depending on who exactly is sending them the file. Do they really know them?
Meanwhile we wait for Microsoft!
Clive Catton MSc (Cyber Security) – by-line and other articles