Microsoft Teams Updater abused to install malware

Thursday, August 6th, 2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Intelligence Briefing

Malware

Microsoft Teams Updater abused to install malware

During the last year, several variants of malware recovery and remote execution were discovered from Microsoft Teams. They all start from the possibility of updating the client from a remote URL. To fix this, Microsoft released a patch that only allows local networks to access and update the Teams package. Based on this restriction, the attackers are taking advantage of Teams as a LoLBin, by placing the malicious file on the network and accessing the load from the victim's computer. Learn more >

Blueliv Intelligence Briefing

Your cybersecurity news summary

Intelligence Briefing

Malware

Blueliv Intelligence Briefing

Your cybersecurity news summary

Intelligence Briefing Malware

Intelligence Briefing

Malware