Microsoft Teams recently announced a patch for one of the issues in videoconferencing. It was recently uncovered that the patch had a workaround that allowed hackers access to the service function. The threat actors utilized the service’s updater feature to download the malicious or binary payload.
The major issue here is that any threat actor could be disguised in the Microsoft Teams updater volume that has seen high traffic in the current times. The noisy nature of the traffic has resulted in malicious actors being hidden from the analysts’ view. Some of the hackers may even have gained access to the authorized access list and therefore have unmonitored access to applications.
Source: Threatpost