Avanan's research into how malicious files are being spread in Microsoft Teams was featured in Techradar. Hackers are attaching .exe files to Teams conversations. These files can then take over a user's computer. As Techradar writes:
Given services like Slack and Microsoft Teams are closed ecosystems, designed to be accessible only to members of a specific organization and a select pool of guests, users can be forgiven for assuming these digital spaces are safe from attackers.
However, Avanan’s research demonstrates that cybercriminals are more than capable of invading these private systems. And once inside, the potential to cause widespread damage is large.
As the report explains, attackers begin by gaining access to a company’s Microsoft Teams domain, either using credentials already exposed online or by stealing passwords via phishing attacks
After breaking into a Teams domain, they are then free to deliver malicious files to any member of the organization, either via one-on-one chats or group channels.
Read the rest of the article at Techradar.