🤬 All My Contacts Imported to My Partners Account
My partner restarted her Teams tonight. On restarting, every single one of my contacts had appeared in her contact list. Is this a bug, or have they introduced automatic contact sharing. She can't see any previous messages, but obviously a massive security breach sharing contact lists between accounts without permission.Security Researchers Demonstrate Exploit Against Teams External Access
Security researchers JumpSec demonstrated a weakness in Teams External Access by showing how to send malware to users via a federated chat. The exploit depends on another weakness in that attackers can interfere with the set of policy controls transmitted by the Teams server to clients. It’s yet another reason why Microsoft 365 tenants should restrict external access to the set of domains they really want to chat with. https://office365itpros.com/2023/06/26/teams-external-access-exploit/Unable to share screen on MS Teams in Google Chrome 109.0.5414 on Ubuntu 22.10
Hello, I have not been able to share the screen (or other windows) like I used to share with MS Teams running inside Google Chrome 109.0.5414 on Ubuntu 22.10. The only thing I can share is other tabs inside Google Chrome. The same thing is happening inside Chromium 109.0.5414. The strange thing is that Google Chrome and Chromium display the following message: "Go to Security & Privacy > Screen Recording to give permission and start sharing." But I do not have these Security & Privacy Settings. I am not using macOS, where I know about these settings. On Linux, there are no such settings. Are there any other options on a Linux System to set to make sharing screens possible once more? Thanks in advance. Details: - Ubuntu 22.10 with GNOME 43.1, Wayland - Chromium 109.0.5414 (via snap) and Google Chrome 109.0.5414 (via dpkg/apt)
Security and privacy Live Captions Teams Meeting
Dear Microsoft, In our company we would like to enable live captions for our users since the Dutch language became available. However, from security and privacy perspective, I need some more information on where the audio gets translated from speech to text (where does the data go). Also I would like to have some information on who has access to this audio and speech while the data is in transit. I would imagine that the audio gets processed in Azure somewhere and maybe Microsoft engineers have access to it. Do you have more information on encryption of speech to text (specifically for live captions in Teams meetings), where this gets processed (europe/US etc.) and who has access (from Microsoft perspective) etc.? This would help me to ease our security officers and enable the feature for our users. Thank you in advance for your help! Sylvester
How secure are emails sent to a Teams channel?
We are exploring the option of having individuals from outside our organization email sensitive information directly to a Teams channel. It would be scanned in Outlook via an iPad and emailed to the channel directly. How secure is the information that they are sending in to us? Thank you in advance for any information.
Teams Mobile App with Conditional Access and App Protection Policy
According to the Conditional Access doc Require App Protection Policy , "Microsoft Teams... do not support the Require app protection policy grant. If you require these apps to work, please use the Require approved apps grant exclusively." This does not mean that an App Protection Policy cannot be applied to Teams mobile app, but rather that Conditional Access cannot use it as a control to guarantee access from a mobile device has a managed app being used. This presents a potential security risk in that data within the Teams mobile app could be extracted to non-managed apps, such as the Files app within iOS. With the heavy dependency and promotion of Teams today, what are ways to allow the use of the Teams mobile app while also preventing data from being extracted to uncontrolled locations/services? Assuming device enrollment is not being considered for BYOD and that a MAM-only approach is desired, what options would that leave? Curious for other perspectives or opinions on this scenario.
