It is a no brainer that cloud adoption has surged exponentially in the last couple of years. The rise of digitization and DevOps combined with the aftermath of the pandemic has made cloud computing a critical ingredient for any organization’s growth. Gartner® predicts that by 2025, more than 95% of digital workloads will be deployed on cloud-native platforms.

The central issue behind the latest headline-grabbing security breach – an incident that directly impacted several major US government agencies – highlights pervasive issues related to many organizations’ use of the popular Office 365 and Azure Microsoft cloud platforms.

Encryption is an essential means of protecting sensitive information and is required for certain types of data under many regulations. As more companies move to the Cloud and introduce Microsoft 365 (M365) applications like Teams and SharePoint Online to their communication and collaboration channels, the potential for data getting into the wrong hands grows exponentially making encryption strategies essential.

Microsoft requires users to leverage the Microsoft Developer Portal to create new Teams applications, such as chatbots. At Tines, we thought it might be helpful to provide instructions for alternative options if you don't want to create a chatbot in the portal. For those who would prefer to send messages directly to a Teams channel instead of configuring a chatbot, Microsoft Teams can receive messages in a channel via a webhook.

Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 and organizations with Outlook Web Access facing the Internet. If exploited, the vulnerabilities can allow an attacker to elevate privilege and remote code execution capability. We immediately investigated the vulnerabilities and potential exploits and continue to monitor the situation.