https://www.theregister.com/2024/01/12/github_malware_popularity/
#GitHub infrastructure is frequently abused by criminals … due to … "living-off-trusted-sites" strategy … according to the @RecordedFuture's Insikt Group, often rely on GitHub for #payloaddelivery, #deaddrop resolving of code, #dataexfiltration, and #commandandcontrol

"Using GitHub…allows adversaries to blend in with legitimate network traffic, often bypassing traditional security defenses and making upstream infrastructure tracking and actor attribution more difficult…"

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

Microsoft says it's doing its best to crack down on crims

The Register

Bottom line on the #TeamsPhisher #vulnerability - it's up to #enterprise #admins to #secure the platform by disabling #Teams messages from external tenants, or using "allow-listed" domains only.

Here's a good article from SC Media reporting on the topic: https://www.scmagazine.com/news/cloud-security/microsoft-teamsphisher-nothing-to-see-here

#malware #payloaddelivery #cyberthreats #cyber #cybersecurity #sysadmins #phishing

Microsoft on TeamsPhisher: ‘Nothing to see here’

Microsoft appears to have no plans to patch the vulnerability, which is now being used by red teams as a malicious payload delivery method.

SC Media