Microsoft Teams - Security Ticks

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera

apple, Cisco, Don't miss, Hot stuff, Microsoft, Microsoft Teams, News, vulnerability / SecurityTicks

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera 2024-08-20 at 13:46 By Zeljka Zorz Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, Cisco Talos researchers have discovered. Library injection vulnerabilities in Microsoft […]

React to this headline:

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera Read More »

Compromised Skype accounts deliver DarkGate malware to employees

account hijacking, Don't miss, enterprise, Hot stuff, Malware, Microsoft Teams, News, Skype, Trend Micro / SecurityTicks

Compromised Skype accounts deliver DarkGate malware to employees 16/10/2023 at 16:46 By Helga Labus A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate have been advertised on Russian language forum eCrime since May 2023. Since then, an increase in the

React to this headline:

Compromised Skype accounts deliver DarkGate malware to employees Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management / SecurityTicks

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

React to this headline:

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Microsoft Teams phishing: Enterprises targeted by ransomware access broker

Don't miss, Hot stuff, initial access broker, Microsoft, Microsoft Teams, News, phishing, Ransomware / SecurityTicks

Microsoft Teams phishing: Enterprises targeted by ransomware access broker 13/09/2023 at 12:16 By Zeljka Zorz A threat actor known for providing ransomware gangs with initial access to enterprise systems has began phishing employees via Microsoft Teams. “For this activity, Storm-0324 most likely relies on a publicly available tool called TeamsPhisher,” Microsoft threat researchers noted. About

React to this headline:

Microsoft Teams phishing: Enterprises targeted by ransomware access broker Read More »

Microsoft Teams users targeted in phishing attack delivering DarkGate malware

Don't miss, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, phishing / SecurityTicks

Microsoft Teams users targeted in phishing attack delivering DarkGate malware 11/09/2023 at 13:31 By Helga Labus A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft Teams users Late last month, Truesec researchers spotted two compromised Microsoft 365 accounts

React to this headline:

Microsoft Teams users targeted in phishing attack delivering DarkGate malware Read More »

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ

Automox, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, Microsoft Teams, MS Office, News, Patch Tuesday, security update, Trend Micro / SecurityTicks

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ 08/08/2023 at 22:46 By Zeljka Zorz August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. Other than the fact that a

React to this headline:

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering / SecurityTicks

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Russian APT phished government employees via Microsoft Teams Read More »

Malware delivery to Microsoft Teams users made easy

collaboration, Don't miss, enterprise, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Malware delivery to Microsoft Teams users made easy 10/07/2023 at 14:33 By Zeljka Zorz A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default

React to this headline:

Malware delivery to Microsoft Teams users made easy Read More »

Microsoft Teams vulnerability allows attackers to deliver malware to employees

collaboration, Don't miss, enterprise, Hot stuff, Jumpsec, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Microsoft Teams vulnerability allows attackers to deliver malware to employees 23/06/2023 at 15:24 By Zeljka Zorz Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out

React to this headline:

Microsoft Teams vulnerability allows attackers to deliver malware to employees Read More »

Anonymous Sudan Launches Fresh Wave of DDoS Attacks on American Organizations Including Microsoft

Anonymous Sudan, DDoS Attack, DDos botnet, EX571516, Godzilla Botnet, Hacktivism, Hacktivists, Healthcare Service, Microsoft, Microsoft Outlook, Microsoft Teams, MO571683, Office 365, OneDrive, Scandinavian Airlines, SharePoint Online, SkyNet, Telegram, Threat Actors, Twitter, XML-RPC floods, Zero Day Vulnerability / SecurityTicks

Anonymous Sudan Launches Fresh Wave of DDoS Attacks on American Organizations Including Microsoft 07/06/2023 at 16:31 By cybleinc Cyble analyzes recent hacktivism claims by Anonymous Sudan impacting US entities including Microsoft Corporation. The post Anonymous Sudan Launches Fresh Wave of DDoS Attacks on American Organizations Including Microsoft appeared first on Cyble. This article is an

React to this headline:

Anonymous Sudan Launches Fresh Wave of DDoS Attacks on American Organizations Including Microsoft Read More »