Cloudy with a Chance of APT - Novel Microsoft 365 Attacks in the Wild
Offered By: Black Hat via YouTube
Course Description
Overview
Explore novel techniques used by APT groups to persistently access and extract data from Microsoft 365 in this 45-minute Black Hat conference talk. Gain insights into the technical underpinnings of these attacks, including disabling security features, manipulating mailbox folder permissions, and exploiting application vulnerabilities. Learn about potential extensions of these techniques and prepare your organization for emerging threats. Discover how attackers abuse app registrations, perform key derivation, and execute enterprise application hijacking. Understand the motivations behind these attacks and equip yourself with the knowledge to detect and mitigate these advanced persistent threats in cloud environments.
Syllabus
Intro
What's Going On?
Disabling Security Features
Mailbox Folder Permissions
Common Permissions
Detection
Types of Applications
Application Permissions
Secrets and Certificates
Enterprise Application Hijacking
Abuse of App Registrations
Key Derivation
Farmville
Replicating
Why?
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network