Unable to share screen on MS Teams in Google Chrome 109.0.5414 on Ubuntu 22.10
Hello, I have not been able to share the screen (or other windows) like I used to share with MS Teams running inside Google Chrome 109.0.5414 on Ubuntu 22.10. The only thing I can share is other tabs inside Google Chrome. The same thing is happening inside Chromium 109.0.5414. The strange thing is that Google Chrome and Chromium display the following message: "Go to Security & Privacy > Screen Recording to give permission and start sharing." But I do not have these Security & Privacy Settings. I am not using macOS, where I know about these settings. On Linux, there are no such settings. Are there any other options on a Linux System to set to make sharing screens possible once more? Thanks in advance. Details: - Ubuntu 22.10 with GNOME 43.1, Wayland - Chromium 109.0.5414 (via snap) and Google Chrome 109.0.5414 (via dpkg/apt)
Teams Mobile App with Conditional Access and App Protection Policy
According to the Conditional Access doc https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-app-protection-policy , "Microsoft Teams... do not support the Require app protection policy grant. If you require these apps to work, please use the Require approved apps grant exclusively." This does not mean that an App Protection Policy cannot be applied to Teams mobile app, but rather that Conditional Access cannot use it as a control to guarantee access from a mobile device has a managed app being used. This presents a potential security risk in that data within the Teams mobile app could be extracted to non-managed apps, such as the Files app within iOS. With the heavy dependency and promotion of Teams today, what are ways to allow the use of the Teams mobile app while also preventing data from being extracted to uncontrolled locations/services? Assuming device enrollment is not being considered for BYOD and that a MAM-only approach is desired, what options would that leave? Curious for other perspectives or opinions on this scenario.Incoming Webhook security
Hi, anyone got a solution to add security to the Incoming Webhook feature ? I realize the risk is not high but still, I would like to make more secure than what is provided currently. In the message to warn us this was coming, MSFT mentions "We're transitioning to a new webhook URL format where is friendly short name for the tenant. Your organization can use to filter egress traffic”. How can this filtering be achieved ? Thanks in advance for your suggestions
Security and privacy Live Captions Teams Meeting
Dear Microsoft, In our company we would like to enable live captions for our users since the Dutch language became available. However, from security and privacy perspective, I need some more information on where the audio gets translated from speech to text (where does the data go). Also I would like to have some information on who has access to this audio and speech while the data is in transit. I would imagine that the audio gets processed in Azure somewhere and maybe Microsoft engineers have access to it. Do you have more information on encryption of speech to text (specifically for live captions in Teams meetings), where this gets processed (europe/US etc.) and who has access (from Microsoft perspective) etc.? This would help me to ease our security officers and enable the feature for our users. Thank you in advance for your help! SylvesterSecurity Researchers Demonstrate Exploit Against Teams External Access
Security researchers JumpSec demonstrated a weakness in Teams External Access by showing how to send malware to users via a federated chat. The exploit depends on another weakness in that attackers can interfere with the set of policy controls transmitted by the Teams server to clients. It’s yet another reason why Microsoft 365 tenants should restrict external access to the set of domains they really want to chat with. https://office365itpros.com/2023/06/26/teams-external-access-exploit/
