The GifShell Attack Method
Discovered by Bobby Rauch, the GIFShell attack technique enables bad actors to exploit several shoppingmode Microsoft Teams features to act as a C&C for malware, and exfiltrate data using GIFs without being detected by EDR and other network monitoring tools. This attack method requires a device or user that is already compromised.
Learn how an SSPM can assess, monitor and remediate SaaS misconfigurations and Device-to-SaaS user risk.