Abusing Azure Active Directory - From MFA Bypass to Listing Global Administrators
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the vulnerabilities and potential exploits in Azure Active Directory (Azure AD) through this 38-minute Black Hat conference talk. Delve into the hidden complexities of Microsoft's Evolved Security Service (eSTS) and its impact on Azure AD security. Learn about the high adoption rate of Azure AD among Fortune 500 companies and why it has become a prime target for threat actors, including state-sponsored groups like APT29/Nobelium. Discover techniques for bypassing Multi-Factor Authentication (MFA) and methods for identifying global administrators within Azure AD environments. Gain valuable insights from security experts Sravan Akkaram and Nestori Syynimaa (DrAzureAD) as they uncover the potential risks and vulnerabilities in this widely-used Identity and Access Management solution.
Syllabus
Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network