Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

Access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn’t planning to patch.

from Dark Reading https://ift.tt/8qf9cVW
via IFTTT