Enlarge / Using Teams in a browser is actually safer than using Microsoft’s desktop apps, which are wrapped around a browser. It’s a lot to work through. reader comments 65 with 41 posters participating Share this story Microsoft’s Teams client stores users’ authentication tokens in an unprotected text format, potentially allowing attackers with local access… Read More »
Enlarge / If you own the right domain, you can intercept hundreds of thousands of innocent third parties’ email credentials, just by operating a standard webserver. reader comments 35 with 25 posters participating, including story author Share this story Security researcher Amit Serper of Guardicore discovered a severe flaw in Microsoft’s autodiscover—the protocol which allows… Read More »
reader comments 47 with 40 posters participating Share this story If you receive an email from someone@arstechnіca.com, is it really from someone at Ars? Most definitely not—the domain in that email address is not the same arstechnica.com that you know. The ‘і’ character in there is from the Cyrillic script and not the Latin alphabet. This… Read More »