DragonForce Abuses Microsoft Teams C2 Traffic

🟠 High | Source: The Hacker News

The DragonForce ransomware group has deployed a custom Go-based backdoor, Backdoor.Turn, that tunnels command-and-control traffic through Microsoft Teams relay infrastructure to evade detection. By blending malicious traffic with legitimate Teams communications, the group makes it significantly harder for defenders to identify or block C2 activity. The technique was observed in an attack against a major US services organisation, flagged by Symantec and Carbon Black. ...

18 June 2025 · ZX Cloud Security

Malware Hides C2 Traffic in Microsoft Teams

🟠 High | Source: The Register — Security

Attackers have developed custom malware that routes command-and-control traffic through Microsoft Teams, disguising malicious communications as legitimate corporate collaboration activity. By abusing trusted Microsoft services, the malware makes it significantly harder for security tools and analysts to distinguish attacker traffic from normal business use. This technique lowers the risk of detection and complicates incident response, particularly in organisations that heavily rely on Teams. ...

16 June 2025 · ZX Cloud Security
