{"id":226118,"date":"2025-11-29T04:18:50","date_gmt":"2025-11-29T10:18:50","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/11\/ms-teams-guest-access-can-remove-defender-protection-when-users-join-external-tenants"},"modified":"2025-11-29T04:18:50","modified_gmt":"2025-11-29T10:18:50","slug":"ms-teams-guest-access-can-remove-defender-protection-when-users-join-external-tenants","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/11\/ms-teams-guest-access-can-remove-defender-protection-when-users-join-external-tenants","title":{"rendered":"MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/ms-teams-guest-access-can-remove-defender-protection-when-users-join-external-tenants.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoftteams\/guest-experience\" rel=\"noopener\" target=\"_blank\">guest access<\/a> feature in Teams.<\/p>\n<p>\u201cWhen users operate as guests in another tenant, their protections are determined entirely by that hosting environment, not by their home organization,\u201d Ontinue security researcher Rhys Downing <a href=\"https:\/\/www.ontinue.com\/resource\/blog-microsoft-chat-with-anyone-understanding-phishing-risk\/\" rel=\"noopener\" target=\"_blank\">said<\/a> in a report.<\/p>\n<p>\u201cThese advancements increase collaboration opportunities, but they also widen the responsibility for ensuring those external environments are trustworthy and properly secured.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in Teams. \u201cWhen users operate as guests in another tenant, their protections are determined entirely by that hosting environment, not by their home organization,\u201d Ontinue security researcher Rhys Downing [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-226118","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=226118"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226118\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=226118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=226118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=226118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}