this post was submitted on 10 Nov 2025

181 points (98.9% liked)

Cybersecurity

8663 readers

81 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

181

Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks (cybersecuritynews.com)

submitted 2 weeks ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

19 comments fedilink hide all child comments

top 19 comments

sorted by: hot top controversial new old

[–] henfredemars@infosec.pub 31 points 2 weeks ago (1 children)

Microsoft won’t care and doesn’t need to care until businesses actually switch away.

And I hope they do.

[–] wizardbeard@lemmy.dbzer0.com 16 points 2 weeks ago

Usually they get around this by offering controls for sysadmins at businesses to switch these sort of harebrained features off before they're rolled out.

[–] OmegaMan@lemmings.world 16 points 2 weeks ago

This can all be disabled using the Entra b2b guest policy, from what I understand.

Very stupid to have this turn on by default though.

[–] 1984@lemmy.today 4 points 2 weeks ago (1 children)

Had so much fun watching the so called teams update at work. It would break all sorts of things, it would sometimes be the old version, sometimes the new one, it would mess with logins and authentication... I think it gave our two it guys constant work for weeks!

[–] moopet@sh.itjust.works 5 points 2 weeks ago

Same experience here. I don't know how many times it told me I was using "classic" or "new" like they were flavours of coke.

[–] givesomefucks@lemmy.world 4 points 2 weeks ago

They've been relaxing it for a while...

[+] Grimy@lemmy.world -26 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I use teams at work and love the chat much more then emails. This is a very cool feature they are adding.

I guess if we stopped ourselves from every feature that could create more "phishing" vectors, we would be living in the stone age.

The moment you broaden any kind of communication, you expose yourself to more dangers.

[–] explodicle@sh.itjust.works 12 points 2 weeks ago (2 children)

Enshittify me harder daddy

[–] Laser@feddit.org 6 points 2 weeks ago (1 children)

Not sure the term applies to MS Teams. It was always a rushed shitty product, pushed onto customers during COVID when companies like Zoom gained tons of users. Few people if any asked for it

[–] FooBarrington@lemmy.world 5 points 2 weeks ago (1 children)

They literally added an "Upgrade to Premium" button a few weeks ago. Yes, it applies to Teams

[–] fushuan@lemmy.blahaj.zone 3 points 2 weeks ago (1 children)

I don't know anyone that doesn't use their company teams in the company computer. We don't see any upgrade to premium because we do have the premium.

The main experience of teams is the corporate word, idk if they are enshittifying their main user base.

[–] FooBarrington@lemmy.world 2 points 2 weeks ago (1 children)

My company uses our company teams on our company computers, and we do have the "Upgrade to Premium" button, even though our company pays for Teams.

Though I guess it's a great filter - who'd wanna be part of a company that's stupid enough to pay extra for "Teams Premium"?

[–] fushuan@lemmy.blahaj.zone 1 points 2 weeks ago (1 children)

Uh, I'd think reverse. I don't really want to work in a company that forces me to use a tool where they haven't negotiated enshittification away. They don't pay for the premium features as extra, they usually have commercial licensed on a per user basis and that covers everything.

I wouldn't mind on a small startup where they obviously have pirates windows, but if the consultant firms I have worked don't provide me a non enshittfied experience of the tools I'm forced to use I'd raise hell.

Btw, thanks for reminding me, the client we work for blocked extensions in Firefox, edge and Chrome. Gotta raise hell until I get them back.

[–] FooBarrington@lemmy.world 2 points 2 weeks ago (1 children)

Wait, you'd seriously throw a tantrum because you don't have useless AI features enabled? That's sad.

[–] fushuan@lemmy.blahaj.zone 2 points 2 weeks ago

No, I'd throw a tantrum if I saw the button. I'd want the basics covered and then no visual of any "enable moar" features. Way to misunderstand my post qq

[–] Grimy@lemmy.world -3 points 2 weeks ago (1 children)

I push for open source whenever I can, but in the end, I'm forced to use teams and this isn't a bad feature imo.

[–] explodicle@sh.itjust.works 3 points 2 weeks ago (1 children)

then push for email

[–] Grimy@lemmy.world -2 points 2 weeks ago (1 children)

Emails are slow and bothersome, and I can't edit them. Long email chains get very confusing as well in my experience, group chats between a few people are easier to handle.

[–] moopet@sh.itjust.works 3 points 2 weeks ago

They're not confusing if people don't top-post or include miles of signatures.