A researcher at Vectra recently reported a vulnerability in Microsoft Teams that “stores auth tokens in cleartext”. The story has been repeated by many other blogs and security reporters across the internet. One key piece of information is missing from most of those reports, however: the user's local account has to be compromised first, which makes this a post-exploitation technique.
The method the researcher describes will not work unless the attacker can already read files from the user's profile on that machine, which means the account (or the whole machine) has already been compromised. By that point they have access to everything that user can reach. Why would an attacker go after your Teams tokens when they already have access to everything else, including much higher value targets? The one practical caveat is that a copied token, like a stolen session cookie, keeps working from another machine until it expires or is revoked, without a password prompt or a second factor, so after a compromise you should sign out of active sessions and rotate credentials rather than only cleaning up the endpoint.
So, generally speaking, BleepingComputer publishes useful information, but from time to time they push out a post that is more clickbait than something to actually get excited about.
Some Basic Security Tips
Take a look at these basic security tips to help you on your way to a more secure online experience.
Create a Strong Password for Your Account
It’s especially important to have a strong, unique password if you use a Microsoft email address (like Outlook.com or Hotmail). This is because many services use your email address to verify your identity. If someone gets access to your Microsoft account, they may be able to use your email to reset the passwords for your other accounts, like banking and online shopping. A password manager makes it practical to use a different random password for every site.
Use an Authenticator Phone App to Sign In Without a Password
An authenticator phone app (Microsoft and Google both offer one) not only adds another security layer to your Microsoft account, but also lets you sign in to your account by approving a prompt on your phone instead of typing a password.
Make Your Account Easier to Recover
Add security info (a recovery phone number and an alternate email address) to your account to make it easier to recover if it’s hijacked. Because this info is also used to verify that it is really you, it’s important to keep it up to date and to make sure the recovery address itself is well protected.
Make Sure Your Operating System has the Latest Updates
Most operating systems have free software updates that fix security bugs and improve performance. Because updates help keep your phone and computer safer, it is strongly recommended that you set up your devices to install these updates automatically.
Never Reply to Emails Asking for Your Password
A reputable vendor will never ask for your password in an email, so never reply to any email asking for your password or other personal information, even if it claims to be from Microsoft, Google, Facebook, Amazon, or some other trusted source. If in doubt, go to the vendor's site directly rather than following a link in the message.
Check your Recent Activity
Most popular services (email, cloud storage, social media) let you check recent activity on your account. Things such as when and where your account was accessed, successful sign-ins, failed attempts and security challenges are recorded on an account activity page. Check it from time to time and look for sign-ins from countries or devices you do not recognise, bursts of failed attempts, and successful sign-ins that did not go through a second factor.
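The kind of review described above can be automated once an activity export is available. The following is an added example, not code from the original post or from any vendor's activity page: it runs three simple rules over a constructed list of sign-in events (the field names, IP addresses and timestamps are made up for illustration) and reports a success from a country outside the user's usual set, a success that follows a burst of failures from the same IP, and a success that did not involve a second factor.

```python
from datetime import datetime, timedelta

# Constructed sample activity log (not real data). Field names are assumptions;
# a real export from Microsoft, Google, etc. will use its own schema.
EVENTS = [
    {"time": "2022-09-15T08:01:00", "ip": "203.0.113.10", "country": "US", "result": "success", "mfa": True},
    {"time": "2022-09-15T08:30:00", "ip": "198.51.100.7", "country": "RU", "result": "failure", "mfa": False},
    {"time": "2022-09-15T08:31:00", "ip": "198.51.100.7", "country": "RU", "result": "failure", "mfa": False},
    {"time": "2022-09-15T08:32:00", "ip": "198.51.100.7", "country": "RU", "result": "failure", "mfa": False},
    {"time": "2022-09-15T08:33:00", "ip": "198.51.100.7", "country": "RU", "result": "failure", "mfa": False},
    {"time": "2022-09-15T08:34:00", "ip": "198.51.100.7", "country": "RU", "result": "success", "mfa": False},
    {"time": "2022-09-16T09:00:00", "ip": "203.0.113.10", "country": "US", "result": "success", "mfa": True},
]


def review_activity(events, home_countries, max_failures=3, window=timedelta(minutes=10)):
    """Return a list of (rule, time, ip, detail) findings for suspicious sign-ins.

    Rules:
      success-from-new-country : successful sign-in from a country not in home_countries
      success-after-failures   : success preceded by >= max_failures failures from the same IP within `window`
      success-without-mfa      : successful sign-in that did not complete a second factor
    """
    findings = []
    # Parse timestamps and process in chronological order so failure bursts are seen before the success.
    parsed = sorted(
        ({**e, "t": datetime.fromisoformat(e["time"])} for e in events),
        key=lambda e: e["t"],
    )
    recent_failures = {}  # ip -> list of failure timestamps not yet followed by a success

    for e in parsed:
        if e["result"] == "failure":
            recent_failures.setdefault(e["ip"], []).append(e["t"])
            continue

        # Successful sign-in: apply each rule.
        if e["country"] not in home_countries:
            findings.append(("success-from-new-country", e["time"], e["ip"], e["country"]))

        burst = [t for t in recent_failures.get(e["ip"], []) if e["t"] - t <= window]
        if len(burst) >= max_failures:
            findings.append(("success-after-failures", e["time"], e["ip"], len(burst)))

        if not e["mfa"]:
            findings.append(("success-without-mfa", e["time"], e["ip"], "no second factor"))

        # A success resets the failure history for that IP.
        recent_failures.pop(e["ip"], None)

    return findings


if __name__ == "__main__":
    for finding in review_activity(EVENTS, home_countries={"US"}):
        print(finding)
```

Each rule on its own produces false positives (travel, a forgotten password), which is why the script reports the evidence behind each finding rather than making a verdict; the combination of all three on one sign-in is what should prompt a password change and a review of active sessions.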
Use 2FA (Two-Factor Authentication)
Two-factor authentication (2FA) requires two independent proofs of identity before granting access to resources and data, typically something you know (a password) plus something you have (a phone app, hardware key or one-time code). It adds a second barrier in front of your account: even if an attacker knows your password, they would still need to produce the second factor, which can be difficult depending on the type of factor that’s enabled. Authenticator apps and hardware keys are stronger than SMS codes, which can be intercepted or redirected through a SIM swap.
Install Anti-Virus on all Your Devices
Attackers commonly use malware to get access to computers and phones, and the easiest way to deliver it is by emailing it to potential victims or linking to it from a message. Once malicious code runs on your device, it can read your files, capture what you type and steal saved credentials and session tokens. Antivirus or antimalware software detects and blocks known malicious programs and suspicious behaviour before they run. It is not a lock that makes a device unhackable, so it belongs alongside updates, strong passwords and 2FA rather than in place of them.