If you need to install Teams on your smartphone or laptop, go to the App or Play store and download the app there. “In at least one attack Microsoft detected, the crooks purchased a search engine ad that caused top results for Teams software to point to a domain under their control.” reported Bleeping Computer. In 2019, DoppelPaymer ransomware operators used this trick to target Microsoft users, this year WastedLocker operators evolved the technique by using a more complex attacks and employing signed binaries to evade the detection. Now, that again more people are working from home, criminals try to abuse the fact people are using tools like Teams more and more. The technique is not new and threat actors already exploited it in attacks in the wild. Teams itself checks whether there is an update available from Microsoft and downloads and installs it in a secure way. You don't need to go searching for Teams updates. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead to the installation of malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |