Abusing Azure Active Directory - From MFA Bypass to Listing Global Administrators
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the vulnerabilities and potential exploits in Azure Active Directory (Azure AD) through this 38-minute Black Hat conference talk. Delve into the hidden complexities of Microsoft's Evolved Security Service (eSTS) and its impact on Azure AD security. Learn about the high adoption rate of Azure AD among Fortune 500 companies and why it has become a prime target for threat actors, including state-sponsored groups like APT29/Nobelium. Discover techniques for bypassing Multi-Factor Authentication (MFA) and methods for identifying global administrators within Azure AD environments. Gain valuable insights from security experts Sravan Akkaram and Nestori Syynimaa (DrAzureAD) as they uncover the potential risks and vulnerabilities in this widely-used Identity and Access Management solution.
Syllabus
Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube