• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Cybersecurity • Microsoft  /  Enterprises using Microsoft’s collaboration tools under attack?
Are-cyberattackers-challenging-mighty-Microsoft
24 June 2020

Enterprises using Microsoft’s collaboration tools under attack?

Written by Seqrite
Seqrite
Cybersecurity, Microsoft
Estimated reading time: 2 minutes

Enterprise collaboration tools have seen an upsurge in popularity this year, thanks to the global pandemic forcing organizations all over the world to work from home. Even as the economy takes the initial step towards resumption, the days of packed meeting rooms will not be coming back anytime soon, at least in the foreseeable future, as health agencies continue to advise stringent social distancing measures.

This has meant that most enterprise collaboration happens through video-conferencing tools like Zoom and Microsoft Teams. Zoom has been in the news lately for security flaws which have enabled attackers to hijack meetings. While the company has released patches to fix these flaws, security teams are warned to remain vigilant about Microsoft Teams as well. In a security update at the end of March, the company released a patch for a major sub-domain takeover vulnerability in the Microsoft Teams.

Malicious GIF vulnerability

This vulnerability allowed malicious threat actors to take over an organization’s entire roster of Microsoft Teams accounts through a simple GIF image. The unsuspecting victim would have only to view a malicious GIF for their data to be scraped. The exploitation was able to spread extremely quickly as it only required the first victim to view the malicious GIF, rendering organizations at extreme risks of hostile takeovers.

In technical terms, this attack is conducted through the use of a JSON Web token and a Skype token. These two tokens are used by Microsoft to enable Teams users to view and share images. These two tokens are sent to a Microsoft Teams server or a sub-domain under this server for authentication. However, two insecure Microsoft domains can be taken over and if this domain is accessed, the attacker can easily create a Skype token, enabling them to take over the victim’s account data.

Vigilance continues to be important!

It was providential that Microsoft immediately released a patch to fix this vulnerability as otherwise, the consequences could have been significant. Microsoft Teams is actively being used by organizations of all sizes globally to hold meetings and share company data. The sheer simplicity of this breach – making an unsuspecting user view a malicious GIF – could have easily resulted in breaches of data. By garnering user information, attackers could have launched phishing attacks by impersonating leaders.

That’s why enterprises need to follow all mandated security measures when it comes to enterprise collaboration tools such as Teams, Zoom or Slack. Employees must be continuously reminded to ensure they update their solutions and are on the latest versions of the respective software. It is important to have robust user access controls and strong authentication processes in place. Only approved and regulated users should be able to access these tools.

It’s also important for enterprises to have in place powerful security solutions that will keep the organization safe from such security breaches. Seqrite offers a range of solutions to help enterprises secure their perimeters. Data leakage can be stopped by using Seqrite Encryption, a full disk encryption solution that provides enhanced data solutions. Endpoint security can also be easily deployed and managed remotely from anywhere through Seqrite Endpoint Security Cloud.

 Previous PostMaze ransomware continues to induce maximum mayhem for the enterp...
Next Post  Is the education sector turning a blind eye to cyberthreats emerg...
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • BEC and Ransomware attacks unsettle businesses globally.

    BEC and Ransomware attacks increase during the pandemic

    January 22, 2021
  • Increased adoption of IoT creates a brand-new attack surface.

    Are we prepared against risks generating from the IoT revolution?

    January 15, 2021
  • Recognize Hybrid Cloud’s unique security challenges.

    Proactiveness is the key to resolving hybrid cloud’s security challenges

    January 6, 2021

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • RAT used by Chinese cyberspies infiltrating Indian businesses RAT used by Chinese cyberspies infiltrating Indian businesses December 18, 2020
  • How can EdTech companies deal with rising security challenges? How can EdTech companies deal with rising security challenges? December 24, 2020
  • Benefits of having Intrusion Prevention/Detection System in your enterprise Benefits of having Intrusion Prevention/Detection System in your enterprise February 15, 2018

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • BEC and Ransomware attacks increase during the pandemic

    BEC and Ransomware attacks increase during the pandemic

    January 22, 2021
  • Are we prepared against risks generating from the IoT revolution?

    Are we prepared against risks generating from the IoT revolution?

    January 15, 2021
  • Proactiveness is the key to resolving hybrid cloud’s security challenges

    Proactiveness is the key to resolving hybrid cloud’s security challenges

    January 6, 2021

Stay Updated!

Topics

Antivirus For Linux (10) Antivirus For Server (9) BYOD (9) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (275) cyber security (25) Cyber threat (29) cyber threats (44) Data (10) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) incident response plan (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (55) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.