Midnight Blizzard, a Russian hacker group, is using compromised Microsoft 365 tenants to launch a social engineering attack. They create new domains that look like technical support entities and use Microsoft Teams messages to steal credentials. The campaign has affected less than 40 organizations, indicating espionage objectives. The attackers impersonate Microsoft Support to trick users into entering a code in the Microsoft Authenticator app, giving them access to the user's Microsoft 365 account. Microsoft has identified and provided instructions to the targeted customers. #cybersecuritynews #cybersecurity

https://cybersecuritynews.com/hackers-leverages-teams-chat/