There is a security flaw in Microsoft Teams that allows threat actors to log into other people’s accounts, even if those accounts are protected with multi-factor authentication, researchers have claimed. Cybersecurity analysts from Vectra say the Teams desktop application for Windows, Linux, and Mac, stores user authentication tokens in cleartext, without any locks guarding the access. Anyone with local access to a system with Teams installed can steal these tokens and use them to log into the accounts.
…
Read more