.png "back to home page")
This is going to be fun for bypassing MFA
— rootsecdev (@rootsecdev) September 14, 2022
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs https://t.co/VbB1g04kqp
Microsoft: Unsafe At Any Speed.
— ★ ꜱᴛᴇᴇʟʏ ★ ᴅᴜʀᴀɴ ★ (@AWaxwire) September 15, 2022
Microsoft Teams Stores Auth Tokens As Cleartext On Windows, Linux, Macs.
"Microsoft did not agree on the severity of the issue and said that it doesn't meet the criteria for patching. "https://t.co/pVqBQ87BMz
Red team feature https://t.co/xrG9q08RJN
— Justin Elze (@HackingLZ) September 14, 2022
Electron and Microsoft - a team made in heaven ...
— Martin Leyrer (@leyrer) September 14, 2022
"Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs"https://t.co/PG8wP9D1Gh
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs https://t.co/aZKrS3sJqs
— Sami Laiho (@samilaiho) September 14, 2022
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macshttps://t.co/QkZ6jDnMyT
— The New Oil (@thenewoil1) September 15, 2022
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs https://t.co/ACfYIZmpsv https://t.co/xmF7aGnPfl
— nixCraft (@nixcraft) September 15, 2022
Whoops.https://t.co/S8bT0dsN1t
— dotnetcore.show (@dotNetCoreShow) September 15, 2022
「このタイプのマルウェアを使用すると、攻撃者は Microsoft Teams の認証トークンを盗み、リモートでユーザーとしてログインし、MFA をバイパスしてアカウントへのフル アクセスを取得できます。」https://t.co/Kx7xxTwR35
— 三輪信雄 (@NobMiwa) September 14, 2022
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs https://t.co/PF7qfvblv1
— Nicolas Krassas (@Dinosn) September 14, 2022
Microsoft Sees No Need to Fix New Teams Vulnerability https://t.co/RMUTt1mo5N pic.twitter.com/tvyYIV0kbd
— Thurrott Feed (@Thurrottfeed) September 17, 2022
Microsoft Teams stores cleartext auth tokens, won’t be quickly patched https://t.co/4soydgDwKU
— The Cyber Security Hub™ (@TheCyberSecHub) September 15, 2022
Microsoft Teams vulnerability shows danger of collaboration apps https://t.co/dL95QblTjx #Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware pic.twitter.com/dYrsXxnNNb
— Rich Tehrani (@rtehrani) September 17, 2022
MS Teams vulnerability shows danger of collaboration apps
— Wilko S. Wolters 🇩🇪🇪🇺 (@WSWMUC) September 16, 2022
Teams has over 270 million monthly active users [up from 75 million in April 2020]
While collaboration tools are convenient their widespread use has opened the door to some serious vulnerabilitieshttps://t.co/2YjEVHnRr0 pic.twitter.com/paoNfEVuMb
Microsoft Teams vulnerability shows danger of collaboration apps https://t.co/741tnVm0q3 via @VentureBeat cc @tk1ng @archonsec @Transform_Sec @Corix_JC @globaliqx @segundoatdell @enricomolinari @labordeolivier @Nicochan33 @IanLJones98 @tlloydjones @FranckOhrel @jeancayeux
— Tobias Kintzel (@tobiaskintzel) September 16, 2022
Microsoft Teams has been storing authentication tokens in plaintext https://t.co/f3IbyZjzMl
— stevegreenberg (@stevegreenberg) September 17, 2022
Seems like another good reason to use optimized #Microsoft Teams with #Citrix for improved security https://t.co/9HgSyT3sWV
— Allen Furmanski (@TekGuyAllen) September 16, 2022
Reason number 10²³ why I don't like using M$ Teams.https://t.co/VmX2zjvO1t
— Jacopo Bertolotti (@j_bertolotti) September 16, 2022
Stop using Teams.https://t.co/tTiRneemEj
— bsletten (@bsletten) September 16, 2022
Interesting summary of a Teams vulnerability: "Electron does not support encryption or protected file locations by default [..], it is not considered secure enough for developing mission-critical products..." https://t.co/Kd24mUQnhl
— MarcoCantu (@marcocantu) September 16, 2022
HAHAHAHAHA OK I shouldn't laugh but we're required to use MS products at work because they're "secure" and HAHAHAHAHAHAAAAAAAhttps://t.co/8kQWugwMkV
— Kalera Stratton (@nisslbodies) September 16, 2022
Really, #Teams. Really.
— wallofsheep (@wallofsheep) September 15, 2022
.....We're not angry, Teams.
We're just disappointed.https://t.co/3qpGqv7kQs
📍 #Microsoft #Teams stores auth tokens as cleartext in Windows, Linux, Macs https://t.co/wYFhI31tv2
— Dr. ir Johannes Drooghaag (JD) #BYOC! 🕊 (@DrJDrooghaag) September 15, 2022
Teamsのクライアントアプリが認証トークンを平文でローカルに保存しており、それを盗むことでMFAをバイパス可能とのこと…
— hara_power (@hara_power) September 15, 2022
パッチがリリースされる可能性が低いためブラウザ版の使用を推奨してる…
これを利用するフイッシング流行ったらやばそうhttps://t.co/cSElMfZtXO
Microsoft Teams has been storing authentication tokens in plaintext https://t.co/vzHAPFBEck #Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware pic.twitter.com/ys71JIfeUH
— Rich Tehrani (@rtehrani) September 18, 2022