Thread Rating:
- 0 Vote(s) - 0 Average
- 1
- 2
- 3
- 4
- 5
Share Post:
Microsoft Teams patched against image-based account takeover
|
Posts: 19,395
Threads: 8,943
Thanks Received: 32,459 in 9,301 posts
Thanks Given: 4,312
Joined: Sep 2015
Reputation:
2,719
View All
Quote:After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF.
The method could have been used for the desktop and web versions of Teams to get access to multiple accounts at once and steal conversations and threads.
Controlling a subdomain under teams.microsoft.com was the main condition for the attack, and the researchers had two to choose from. Microsoft received a report about the vulnerability and pushed mitigations to prevent the attack.
Continue reading HERE
|
Possibly Related Threads… |
Thread |
Author |
Replies |
Views |
Last Post |
|
Critical RCE bug patched in Netgear ProSAFE Plus switches |
Bjyda |
0 |
2,508 |
03-11-2021 , 10:29 PM
Last Post: Bjyda
|
|
Three New Vulnerabilities Patched in OpenSSL |
Bjyda |
0 |
758 |
02-18-2021 , 12:26 AM
Last Post: Bjyda
|
|
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug |
Bjyda |
0 |
938 |
12-25-2020 , 12:43 AM
Last Post: Bjyda
|
|
Cisco fixes critical pre-auth flaws allowing router takeover |
tarekma7 |
0 |
1,451 |
07-17-2020 , 10:19 PM
Last Post: tarekma7
|
|
Update Microsoft Teams Impersonation Attacks Flood Inboxes |
guardian |
0 |
1,168 |
05-02-2020 , 03:38 AM
Last Post: guardian
|
Users browsing this thread: 1 Guest(s)