Jump to content

Search the Community

Showing results for tags 'steve zurier'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 1 result

  1. A Microsoft logo sits illuminated at the World Mobile Congress at the Fira Gran Via Complex on Feb. 22, 2016, in Barcelona, Spain. (Photo by David Ramos/Getty Images) Researchers on Tuesday reported that this past August they identified an attack path that lets malicious actors with file system access to steal credentials for any Microsoft Teams user who’s logged-on. In a Sept. 13 blog post, the Vectra Protect team said because attackers do not require elevated permissions to read these files, it exposes this potential concern to any attack that provides malicious actors with local or remote system access. The researchers said this vulnerability impacted all commercial and Government Community Cloud Desktop Team clients for Windows, Mac and Linux. Microsoft has been made aware of this issue and closed the case in late August, stating that it did not meet its bar for immediate servicing. The Vectra researchers said until Microsoft moves to update the Teams Desktop Application, they don’t recommend using the full Teams client and advise customers to consider using the web-based Teams application exclusively. The researchers said security teams should use the web-based Teams client inside Microsoft Edge, which has multiple OS-level controls to protect token leaks. They said the Teams web application is robust and supports most features enabled through the desktop client, keeping the organization’s productivity impacts to a minimum. For customers that must use the installed desktop application, the researchers said it’s critical to watch key application files for access by any processes other than the official Teams application. When asked Thursday if the situation had changed, Aaron Turner, CTO, SaaS Protect at Vectra, said to the Vectra team’s knowledge, Microsoft had not changed its stance. Turner said in Vectra’s interactions with customers, only those organizations with extreme exposure to sophisticated adversaries (defense contractors, critical infrastructure operators) are seriously considering eliminating the Teams.exe application on endpoints and forcing users to collaborate through Teams via a managed browser. Turner said most of the organizations he has talked to plan on implementing an endpoint detection and response monitoring policy to watch for any situations of unauthorized access by a system process to the file storage locations where the tokens are stored. Turner added that the work Vectra’s Connor Peoples spearheaded to discover this vulnerability and coordinate his findings with Microsoft is part of Vectra's efforts to help make the Microsoft 365 ecosystem a safer and fairer place for any organization to communicate and collaborate. As outlined in the research, Turner said there are some improvements that Microsoft can make to shore up the Electron application for Windows and MacOS. He said those improvements should also help prevent future vulnerabilities, such as other recently disclosed problems relating to XSS attacks and potential command and control activity using GIFs. Sammy Migues, principal scientist at Synopsys Software Integrity Group, said like every application framework, Electron has its own idiosyncrasies related to authentication, secure file storage, and communications. Migues said development teams use frameworks for the same reason they use lots of other open source — it makes their jobs easier and faster. On the other hand, even security-aware teams might not understand what’s really going on in the depths of the framework they’re using. Migues said In this case, it appears that Electron might save some sensitive data in an insecure way. Via scmagazine.com/
×
×
  • Create New...