I have covered this before – a security flaw in Teams that Microsoft is in no hurry to fix, as the user has to comprise their own system. A situation that Microsoft has decided is unlikely! First there was research. Microsoft Teams – a way in for malicious software Then …
Now Microsoft Teams is a target for threat actors
Once Microsoft finally closed the door on the Office macro the threat actors had to move on: Microsoft Office Macros – The Good, The Bad and the Ugly – CyberAwake OneNote was their first target: Now OneNote is an attack vector | Smart Thinking Solutions QakNote – OneNote malware now …
Continue reading “Now Microsoft Teams is a target for threat actors”
When planning for a cyber incident – remember about outages
Cyber incidents that impact your organisation are not always malicious. A cleaner could pull the plug on your server or a member of staff may inadvertently switch a vital bit of your network off (I have seen t done, too many times) or a service that you rely on may …
Continue reading “When planning for a cyber incident – remember about outages”
Reflections
Here is a threat that is being actively researched, but probably is not that big a deal – that is of course until we get to reality resolution screens and webcams… [2205.03971] Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing (arxiv.org) However… The …
Microsoft Teams is keeping security tokens in plain text… and more UPDATED 23 September 2022
The original post was published on 16 September 2022 This is a real problem, no software or system should keep any security token in plain text, any time during operation. The user base for Microsoft Teams is in excess of 270 million users – we are part of that number …