Teams Vulnerability Allows Microsoft Defender Bypass Through Guest Access
Ontinue security researchers have discovered a “cross-tenant blind spot” in Microsoft Teams that allows attackers to bypass Microsoft Defender for Office 365 protections using the guest access feature. The problem is that when a user operates as a guest in an external tenant, their security protections are determined entirely by the hosting environment, and not by the security policies of their home organization. This fundamental architectural gap opens the door to attack scenarios where users become unprotected guests in a malicious environment controlled by the attacker. ...