Microsoft Teams

All articles tagged with #microsoft teams

MuddyWater Uses Teams to Harvest Credentials and Subvert MFA in Chaos False-Flag Campaign
cybersecurity · 19 days ago

Security researchers describe a MuddyWater operation that exploited Microsoft Teams for external contact and screen-sharing to harvest user credentials (credentials.txt/cred.txt) and push MFA changes, followed by backdoor access using DWAgent and AnyDesk. The attackers deployed a custom RAT (Game.exe) and used C2 domains linked to MuddyWater, framing the intrusion as a Chaos ransomware false-flag campaign focused on credential theft and data exfiltration rather than encryption. The campaign featured indicators like a forged code-signing certificate and stolen credentials enabling lateral movement to Domain Controllers.

MuddyWater Uses Teams for Credential Theft in False-Flag Ransomware Operation
technology · 20 days ago

Rapid7 links MuddyWater to a 2026 operation that used interactive Teams screen-sharing to harvest credentials and bypass MFA, exfiltrate data, and maintain persistence with tools like DWAgent and AnyDesk, while avoiding file encryption to masquerade as a ransomware attack. Described as a false-flag, state-backed campaign, it leverages a Chaos RaaS framework and off-the-shelf tools to blur attribution, highlighting evolving attacker tradecraft that blends cybercrime with strategic aims.

Threat Actors Weaponize Teams Messaging to Breach Enterprises
cyber-security-news · 1 month ago

UNC6692 runs a multistage intrusion that begins with mass email bombardment and escalates via impersonation of IT staff in Microsoft Teams, guiding victims to a phishing landing page hosted on AWS S3. The campaign then harvests credentials, deploys a modular malware suite (SNOWBELT), and uses cloud-based C2 and data staging to exfiltrate data and compromise domain controllers, highlighting the need to restrict external Teams access and monitor cloud egress and browser extensions for anomalous activity.

Teams Tactics Drive UNC6692’s Modular SNOW Malware Campaign
technology · 1 month ago

Security researchers describe UNC6692’s two-stage assault: a flood of spam to overwhelm inboxes followed by impersonating IT staff via Microsoft Teams to coax victims into installing a patch that drops the SNOWBELT/SNOWGLAZE/SNOWBASIN malware suite for remote access, lateral movement, and data exfiltration, leveraging cloud services for C2 and payload delivery. The campaign targets executives and uses WebSocket tunnels and backdoors to expand access, with defenders urged to harden collaboration tools and enforce verified help-desk procedures.

Teams adds brand-impersonation warnings for external calls
technology · 4 months ago

Microsoft will roll out Brand Impersonation Protection for Teams Calling, automatically warning users on first-time external calls that try to impersonate trusted brands. Enabled by default in the targeted release mid-February, the feature lets users accept, block, or end flagged calls, with alerts possibly persisting during a conversation. It aims to curb social-engineering attacks and complements other security updates; no admin action is required for activation, though IT should update training materials.

Microsoft outage hits Outlook and Teams as investigators probe network issues
technology · 4 months ago

Microsoft 365 services including Outlook, Teams and other apps experienced a widespread outage after thousands reported issues on Downdetector; Microsoft said it was investigating and cited a possible third‑party networking issue. By about 18:44 UTC the company said the incident was resolved and the service environment remained healthy, though a small number of users continued to report sign‑in or access problems (with some Xbox app/store issues on iPad).

Microsoft Teams to Implement Enhanced Security Features and External User Controls by January 2026
technology · 5 months ago

Microsoft Teams will soon allow security admins to block external users from messaging or calling within Teams via integration with Defender for Office 365, enhancing security and control over external communications. The feature, rolling out in January 2026, supports managing up to 4,000 blocked domains and 200 email addresses, and aims to prevent cyberattacks like social engineering and ransomware.

Microsoft Teams Vulnerabilities Enable Impersonation, Message Tampering, and Data Theft
technology · 6 months ago

Cybersecurity researchers revealed four security vulnerabilities in Microsoft Teams that could allow attackers to impersonate colleagues, manipulate messages without detection, and exploit notifications, posing significant social engineering risks. Some issues have been patched, but the flaws highlight the importance of securing collaboration tools against trust-based attacks, especially as threat actors increasingly target enterprise communication platforms.

Microsoft Teams to Begin Reporting Employee Office Attendance to Employers
technology · 7 months ago

Microsoft Teams is set to introduce a feature in December 2025 that will automatically update a user's work location based on their office Wi-Fi connection, raising privacy concerns for remote workers. The feature, which can be enabled by tenant admins and is off by default, aims to verify employee presence in the office but may also lead to increased monitoring of remote workers.