Thread Rating:
- 0 Vote(s) - 0 Average
- 1
- 2
- 3
- 4
- 5
Share Post:
Microsoft Teams patched against image-based account takeover
|
Posts: 19,393
Threads: 8,942
Thanks Received: 32,423 in 9,295 posts
Thanks Given: 4,309
Joined: Sep 2015
Reputation:
2,718
View All
Quote:After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF.
The method could have been used for the desktop and web versions of Teams to get access to multiple accounts at once and steal conversations and threads.
Controlling a subdomain under teams.microsoft.com was the main condition for the attack, and the researchers had two to choose from. Microsoft received a report about the vulnerability and pushed mitigations to prevent the attack.
Continue reading HERE
|
Possibly Related Threads… |
Thread |
Author |
Replies |
Views |
Last Post |
|
Critical RCE bug patched in Netgear ProSAFE Plus switches |
Bjyda |
0 |
2,426 |
03-11-2021 , 10:29 PM
Last Post: Bjyda
|
|
Three New Vulnerabilities Patched in OpenSSL |
Bjyda |
0 |
723 |
02-18-2021 , 12:26 AM
Last Post: Bjyda
|
|
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug |
Bjyda |
0 |
906 |
12-25-2020 , 12:43 AM
Last Post: Bjyda
|
|
Cisco fixes critical pre-auth flaws allowing router takeover |
tarekma7 |
0 |
1,425 |
07-17-2020 , 10:19 PM
Last Post: tarekma7
|
|
Update Microsoft Teams Impersonation Attacks Flood Inboxes |
guardian |
0 |
1,135 |
05-02-2020 , 03:38 AM
Last Post: guardian
|
Users browsing this thread: 1 Guest(s)