Microsoft Teams Vulnerability Abused To Delpoy Malware From Outside Sources

Despite Microsoft Teams' client-side protections that block file delivery from external tenant accounts, security researchers from Jumpsec discovered a method to deliver malware through the platform by exploiting its default configuration, which allows communication with external tenants. With its wide adoption and 280 million monthly active users, Microsoft Teams serves as a communication and collaboration platform within organizations as part of Microsoft 365's cloud-based services. This discovery by Max Corbridge and Tom Ellson highlights the potential vulnerability of the platform, enabling the delivery of malicious payloads directly to targeted inboxes. Read more...