said that the installation of a launch daemon whose plist and binary are stored hidden in an application’s resource directory is a technique that matches Lazarus, the name many researchers and intelligence officers use for a North Korean hacking group.You can make a script to be run on each machine on next login that does something like this: sudo chown USERNAME:wheel /Applications/'Microsoft Teams.app' You would have to replace USERNAME with the short name of the user on that Mac. If you have some sort of Management software like Casper Suite or JAMF suite as its known now.
