Skip to main content

Researchers show ways to abuse Microsoft Teams accounts for lateral movement

posted onMay 17, 2023
by l33tdawg
CSO Online
Credit: CSO Online

With organizations increasingly adopting cloud-based services and applications, especially collaboration tools, attackers have pivoted their attacks as well. Microsoft services consistently rank at the top of statistics when it comes to malicious sign-in attempts, and Microsoft Teams is one application that recently seems to have attracted attackers' interest.

Researchers from security firm Proofpoint investigated how attackers could abuse access to a Teams account and found some interesting attack vectors that could allow hackers to move laterally by launching further phishing attacks or getting users to download malicious files.

"Our analysis of past attacks and ongoing trends within the dynamic cloud threat landscape indicates that attackers progressively pivot to more advanced attack vectors," the Proofpoint researchers said in their report. "The adoption of new attack techniques and tools, when combined with apparent security flaws, including dangerous functionalities in first-party apps, exposes organizations to a variety of critical risks."

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th