Big threat on Microsoft Teams after Zoom! Hackers are stealing personal information through GIF

After the Zoom Meeting was hacked, researchers now also found a threat of cyber attack on Microsoft Teams’ video conferencing platform Microsoft Teams. Cyber ​​criminals are changing their positions on video conferencing tools to target users and enterprises. As more and more businesses operate from remote locations, attackers are focusing on attacking key technologies such as Zoom and the Microsoft team, which companies and their employees depend on to stay connected.

CyberArk Labs stated in its blog post, ‘We found that the attacker could use a malicious GIF (graphic interchange format) to hack the user’s data and an organization, with Microsoft Teams in the grip of a sub-domain takeover. Could have hacked the entire roster of team account.

(Also read- These users of WhatsApp got new feature update, add 8 people to Video / Voice Call in this way)

CyberOrc Labs worked with the Microsoft Security Research Center after finding a flaw in the account takeover and issued an early fix.Hacking is happening through GIF

It was told that users will not have to share the GIF to be affected, but they can be attacked only by viewing it. Flaws like these have the ability to spread automatically. This flaw affects every user who uses the team desktop or web browser version. Video conferencing tools such as Microsoft Teams, Google Meet and Zoom have experienced tremendous growth in the user base as the Kovid-19 epidemic has globally asked enterprises to work from home.

(Also read- You can see phone photos and videos on your TV, you just have to change this one)

A large number of academic programs are also taking advantage of these platforms to continue classes. Most of these companies have also given free access to video conferencing platforms for anywhere between 3 to 6 months. Due to this traction is increasing and many cyber criminals are now keeping an eye on these services to do mischief.

Microsoft has removed the miss configuration in the software that has been exposed and takeover. However, CyberArk says, ‘If an attacker does not gather too much information from a team account, they can still use the account to cross the entire organization. Then finally, the attacker can access all the data from all the accounts of your organization, from which it can gather confidential information, meeting and calendar information, competitive data, secret, password, personal information, business plans data.

(Also read- Battery and data of your phone ends quickly, so turn off these 3 settings now)


Leave A Reply

Please enter your comment!
Please enter your name here