Attacking with Automation - How Office 365 Automation Provides Another New Risk to the Cloud
Offered By: YouTube
Course Description
Overview
Explore the potential security risks associated with Office 365 automation in this 32-minute conference talk from Derbycon 2019. Delve into the world of Microsoft Flow, examining its evolution, capabilities, and potential vulnerabilities. Learn about Data Loss Prevention (DLP), connectors, and HTTP requests, and discover how these features can be exploited to monitor inboxes and build botnets. Investigate the concept of scope creep and firewall bypass techniques within the Microsoft Flow environment. Gain valuable insights into the new challenges posed by cloud automation and understand the importance of staying vigilant in the face of evolving cybersecurity threats.
Syllabus
Intro
What is Flow
How did we get here
DLP
Connectors
HTTP Requests
Monitoring the Inbox
What happened
Building a botnet
Building a button
Microsoft
Flow
Scope creep
Firewall bypass
Microsoft Flow
Review
Related Courses
How Do I Detect Technique X in Windows - Applied Methodology to Definitively Answer This QuestionYouTube Kubered Recipes for C2 Operations on Kubernetes
YouTube Breaking Entering via SDR - How I Defeated Wiegend over UHF VHF - Your Apartment Isn't Safe
YouTube Assessing IoT Surveillance Arlo
YouTube Active Directory Security Beyond the Easy Button
YouTube