by ROARosen 2023 days ago
There is, however, some consolation in the fact that only an individual who is already connected to you in Teams can run this.

That's not to say - of course - it's not abuse-able, it just gives some context to the fact that MS calls this "Spoofing", since presumably, your Teams contact is someone you trust. So the bad actor is "spoofing" as someone trustable within your org (or outside it). But it does prob need some social-engineering for a bad actor to truly exploit this.

But the threat is still severe since the above logic only holds up to the point-of-entry, once the worm has infected someone the people forwarding it around are truly trusted.

4 comments

One of my health care providers uses Microsoft Teams as their telehealth solution. My city government uses Microsoft Teams for some public meetings. The idea that folks are only using Teams to connect with other trusted parties is comforting, but false.
> Microsoft Teams as their telehealth solution

That sounds..interesting.

I suspect with the on-going pandemic lots of tools are getting used in interesting ways they were never really designed for just to keep things going.

Microsoft advertises Teams for telehealth:

https://www.microsoft.com/en-us/microsoft-365/microsoft-team...

It’s bad, but it’s mostly bad because Teams is bad. It’s still better than Amwell, which somehow manages to have multi-second latencies and requires me to manually mute my video preview to stop it looping back my own audio.

The old P2P Skype had better video quality and latency, even when talking to people 4000 miles away, than every video product I’ve used in the last year. Probably not coincidentally, every video product I’ve used in the last year has been web-based. WebRTC is an enormous disappointment.

Teams as their telehealth solution? What is wrong with Doxy.me? It is HIPAA compliant and more privacy-orientated for telehealth than Teams.
believe Teams is also used for the NBA virtual fan thing, so there are... a lot of people connecting there...
That’s pretty scary tbh. All you need is a single employee to fall for a phishing attack or other social hacking attempt and that’s game over. Everyone from the CEO down is compromised. Zero click wormability with remote code execution on a platform the entire company uses gives the exploit unlimited reach within a company. This makes this one of the most effective hacking/corporate espionage tools I’ve heard of.
Imagine a bad actor starting work at large corp having all confidential information up for grabs from colleagues on Teams. It is especially scary during these times where a lot of companies moved completely to working from home. Some health organisations also use Teams for group support meetings. Imagine someone being able to rummage through your documents during an appointment.
sure, add guest accounts to that and we are almost on the same page.

I can’t call this “spoofing” as there are many many things you can do with it