Microsoft Teams stores authentication tokens in clear text
Microsoft’s workplace-centric messaging app, Teams, stores authentication tokens in an unencrypted, plain-text format — potentially allowing attackers to control conversations and move laterally within a network. Security firm Vectra Protect claims the vulnerability affects the desktop app for Windows, Mac, and Linux, developed using the Microsoft Electron framework. Although Electron is based on web technologies, …
Microsoft Teams stores authentication tokens in clear text Lire la suite »