FalconFriday — Teams RCE & FireEye tools— 0xFF09
Today we have a special FalconFriday, covering two big events of the past week. First, we’ll be detailing the hunt we released earlier this week for detecting abuse of the Microsoft Teams Remote Code Execution (RCE) vulnerability. Next, we have some Kusto hunts based on the indicator repo FireEye published after they announced their breach.
Cross post from medium.com, please read the full article here:
Direct link to our Github page: