Collaborate Disseminate
Microsoft has fixed a flaw in Teams that could have allowed attackers to launch a wormlike attack on multiple accounts by sending one victim a malicious GIF image. Continue reading ‘Evil GIF’ account takeover flaw patched in Teams
Zoom isn’t the only video conferencing service attracting scrutiny from security researchers. Microsoft Teams, the technology giant’s professional collaboration tool, included a software bug that could have made it possible for hackers to steal data. Hackers could have used a malicious GIF to scrape user data from Microsoft Teams user accounts, spreading through an organization’s entire roster of employees who use the service, researchers from CyberArk announced Monday. The issue existed for three weeks between the end of February through mid-March, when much of the U.S. started to telework in response to the coronavirus pandemic. “The amount of data that goes into these applications is enormous and often includes confidential information from user names and passwords to top-secret business information – making them prime targets for attackers,” Omer Tsarfati, a CyberArk researcher, said in a blog post. CyberArk did not point to any evidence the issue had been exploited in […]
The post Researchers used a GIF to prove they could access Microsoft Teams user data appeared first on CyberScoop.
Continue reading Researchers used a GIF to prove they could access Microsoft Teams user data
CyberArk, the global leader in privileged access management, announced expanded capabilities of CyberArk Alero to support emerging business continuity priorities. Building on its core use case of enabling privileged access for remote vendors, Alero, a … Continue reading CyberArk Alero’s expanded capabilities allow remote employees secure access to critical systems
RSA Conference 2020 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos from the event, featured vendors and organization include: RSA, Microsoft, vFeed, … Continue reading Photos: RSA Conference 2020, part 3
Less than half of organizations have a privileged access management strategy in place for digital transformation technologies, like RPA, according to a CyberArk report. The report provides practical recommendations from information security executives … Continue reading The importance of risk reduction for robotic process automation
Today, at RSA Conference 2020 in San Francisco, CyberArk released the industry’s first privilege-based deception capabilities designed to defend against credential theft on workstations and servers. Local administrator rights are often left on endpoint… Continue reading CyberArk Endpoint Privilege Manager enhanced with new deception feature
CyberArk, the global leader in privileged access management, announced the CyberArk Blueprint for Privileged Access Management Success. The most comprehensive program of its kind, CyberArk Blueprint is designed to help customers take a future-proof, ph… Continue reading CyberArk lauches new program to help customers reduce privilege-related risk
The uncontrolled search path vulnerability allows a local user to use DLLs to escalate privileges and affects Windows PCs. Continue reading Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution
Cybertech Tel Aviv is one of the largest B2B networking events in the cyber industry, outside of the United States. Every year, the event attracts thousands of attendees, mainly C-level executives, investors, professionals, and government officials fro… Continue reading Photos: Cybertech Tel Aviv 2020
CyberArk, the global leader in privileged access management, unveiled new just-in-time access capabilities that help reduce risk and improve operational efficiency as organizations implement broader least privilege strategies. By extending just-in-time… Continue reading CyberArk’s new just-in-time access capabilities help reduce risk and improve operational efficiency