Threat actors have been observed compromising Microsoft Team accounts to access the chat feature and then propagate malware to users in the chat, according to security researchers at Avanan. These attacks start with the threat actor uploading an executable file called “User Centric” to fool the user into executing it on their system. This issue may be exacerbated by the lack of robust security protection in Teams, including the lack of file scanning. Given the widespread use and inherent trust of Teams, users are likely to open files that have been shared. Members are encouraged to share this current campaign and remind users to exercise extreme suspicion, and contact IT support when receiving unsolicited files, even in trusted platforms. Read more at Bleeping Computer.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!