TECH NEWS

The enemy within: how to stop a simple Teams message taking down your business

Microsoft recently warned that attackers are impersonating IT help desks on Teams to gain access – and if that sounds bad, well, it’s just the opening move.

The attack begins when an employee gets a message from an external user claiming to be part of the company’s third-party IT support. A common-enough setup, and the kind of thing you might expect in a normal working day.

Perhaps the employee is expecting a similar message for an outstanding ticket – and so they engage with the user and, when prompted, grant remote access.

Once attackers have that foothold, they can progress to execute a full tenant lockdown using only Microsoft's own legitimate features, without ever deploying traditional ransomware. It won’t look like malware, and that means traditional defense systems won't catch it.

A real-time chat in a sanctioned collaboration tool, with a plausible IT support pretext is hard for...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

The enemy within: how to stop a simple Teams message taking down your business

Read more

Kaspersky: Over 2,300 Indian devices hit by stalkerware as India reports highest digital abuse burden in APAC

JPMorgan cuts off Anthropic access for Hong Kong staff

EU cybersecurity agency to meet Anthropic under a US export cloud

Bosch to pay US $36m over unlicensed shipments to Huawei