[ad_1]
Image files can make any user a cyber attack diffuser
Digital security researchers have discovered a vulnerability in Microsoft Teams, a corporate communications platform that allows hackers to hack accounts and steal data using malicious GIFs.
The discovery was made by cybersecurity company CyberArk, which reported the vulnerability as an issue when acquiring platform subdomains. Through this flaw, cyber criminals can steal logins, take over accounts, and spread even more infected GIFs. In this way, a hacker can take control of all users of a company in Teams, for example.
The problem affects those who use the platform on the desktop or on the web through mobile devices and works without victims having to share or interact with the malicious GIF, only receiving it to become a point of spread.
“With tools like Teams, it is very important to ensure that only approved and regulated users can access the platform and post in collaborative activities; it all comes down to having robust user access controls and robust authentication processes,” explained Geraint Williams. , director of Information Security of the GRC Institute, which deals with compliance, that is, the conduct of corporations. “It is also crucial that you regularly attack these defenses so that you can assess them for weaknesses,” he added.
Despite the vulnerability, the report notes that the flaw was not actively exploited by hackers. Microsoft has confirmed that it has been alerted and has already issued a correction.
“We addressed the issue and worked with the investigator under coordinated vulnerability disclosure. Although we have not seen any use of this technique in nature, we have taken steps to keep our clients safe,” the company said.
Via: TechRadar
Microsoft Hackers cybersecurity GIFs Microsoft teams cybercriminals
Share with your followers
[ad_2]
