This interesting report covers increasing social engineering attacks on major collaboration platforms, noting the impact of the recent “Midnight Blizzard” attacks on Microsoft Teams. Read the article here.
“‘As companies adopt new types of collaboration technologies, they don’t really think about security first or know what the risk might be until there’s some kind of attack,’ said Irwin Lazar, president and unified communications analyst at Metrigy, an advisory and research firm focused on digital workplace tools.”
Social engineering attacks on these platforms include the impersonation of IT security personnel in order to tick users into providing MFA information (according to the report, the tactic used by Russian intelligence in the Midnight Blizzard attacks). Vulnerable collaboration platforms, notes the report, include Teams; Google Workspace; Zoom; Skype; WebEx; Atlassian; Salesforce Chatter; Asana; Loom; Flock; Ryver and Podio.