Главная
Study mode:
on
1
Intro
2
What's Going On?
3
Disabling Security Features
4
Mailbox Folder Permissions
5
Common Permissions
6
Detection
7
Types of Applications
8
Application Permissions
9
Secrets and Certificates
10
Enterprise Application Hijacking
11
Abuse of App Registrations
12
Key Derivation
13
Farmville
14
Replicating
15
Why?
Description:
Explore novel techniques used by APT groups to persistently access and extract data from Microsoft 365 in this 45-minute Black Hat conference talk. Gain insights into the technical underpinnings of these attacks, including disabling security features, manipulating mailbox folder permissions, and exploiting application vulnerabilities. Learn about potential extensions of these techniques and prepare your organization for emerging threats. Discover how attackers abuse app registrations, perform key derivation, and execute enterprise application hijacking. Understand the motivations behind these attacks and equip yourself with the knowledge to detect and mitigate these advanced persistent threats in cloud environments.

Cloudy with a Chance of APT - Novel Microsoft 365 Attacks in the Wild

Black Hat
Add to list
0:00 / 0:00