"Starting today, Microsoft is making it more difficult for cyber attackers to infiltrate organizations via Teams. A new update now blocks dangerous file types and malicious URLs, unless companies explicitly change the default settings. The new features were already known, but will activate automatically today for organizations that have not tampered with the default settings. Companies with customized configurations will not notice the change; their settings will remain intact."
"Users can flag false positives. This helps IT teams fine-tune security without unnecessarily blocking legitimate files. Microsoft is also working on detecting suspicious communication with external domains, which alerts organizations to unusual activity with unknown parties. Microsoft Threat Intelligence recently announced that malware distribution, credential theft, and lateral movement via Teams are becoming increasingly common. Attackers are also targeting collaboration platforms with an even more sophisticated form of fraud: deepfakes in video calls themselves."
Microsoft is activating default protections in Teams that block dangerous file types and malicious URLs unless administrators change the default settings. Organizations with customized configurations will remain unaffected while those relying on defaults receive automatic protection. End users may encounter warnings or blocked content and should be prepared to report false positives. Users can flag false positives so IT teams can fine-tune protections without blocking legitimate files. Microsoft is working on detecting suspicious communication with external domains to alert organizations to unusual activity. Threat intelligence reports increasing malware distribution, credential theft, lateral movement via Teams, and a rise in deepfake fraud in video calls. Security teams should review settings and prepare helpdesk staff.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]