Microsoft Teams is a part of the 365 product family and is used by more than 270 million people for exchanging text messages, videoconferencing, and file storage.

In August of 2022, the team at Vectra Protect discovered a post-exploitation vulnerability in the plaintext storage disk used by Microsoft Teams while conducting research for a client. This vulnerability gives malicious actors, with either the local or remote systems access, the ability to obtain valid user credentials. Vectra discovered that the unencrypted credential management weakness affected all commercial and GCC Desktop Teams clients for Windows, Mac, and Linux.

In a blog post dated September 13, 2022, Vectra informed the public about the vulnerability and provided an example of how the hackers may exploit it.

Vectra explained that malicious actors could impersonate the user through Teams-related applications such as Skype and Outlook while bypassing multifactor authentication (MFA). With access to team-related applications, the hackers could target other employees or impersonate senior executives inside the corporation.

Connor Peoples, a security architect at Vectra, wrote, “Attackers can tamper with legitimate communications within an organization by selectively destroying, exfiltrating, or engaging in targeted phishing attacks.”

The desktop application is especially susceptible to attack since it does not have “additional security safeguards to protect cookie data.”

While Microsoft acknowledges the concern raised by Vectra, the corporation states, “The technique described does not meet our bar for immediate servicing as it requires an attacker to first gain access to a target network.”

Given the uncertain availability of a solution in the immediate future, Vectra advises users to utilize the browser-based version of Microsoft Teams. The additional safeguards in a browser helps user avoid security vulnerabilities that could be readily exploited.

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
TKS Newsletter - 2024 November
Here's our November 2024 Newsletter Read the full PDF version here: The TKS Sentinel - November Issue In this month's edition, we discuss: Dark Web/Work Laptop ActiveX Controls ...
Read more
tips for troubleshooting computer issues
6 Tips To Troubleshoot Network Issues
Identifying The Source - Fast A business network is the lifeblood of operations. The digital artery pumps data through your organization. It enables everything from email...
Read more
business cybersecurity Why Every Business Must Prioritize Cybersecurity in Their Continuity Plans
How Cybersecurity Impacts Business Continuity
No matter the size or industry of your business, there are always risks that threaten your ability to operate. Among these, cyber threats stand out...
Read more

Used with permission from Article Aggregator