O365- Current Attack Trends, David Stubley, 7 Elements

Explore current attack trends targeting Office 365 in this informative 29-minute conference talk by David Stubley of 7 Elements. Gain insights into why attackers compromise systems, the mastery required for successful attacks, and the various areas of vulnerability. Learn about initial compromise techniques, including MFA bypass, phishing, voicemail exploitation, and Dropbox manipulation. Discover how attackers leverage basic authentication, mailbox access, and mail rules for onward compromise. Understand individual motives behind phishing emails and explore effective countermeasures. Discover the importance of enabling MFA, auditing logs, implementing basic MFA, blocking suspicious mail, and practicing compromise detection. Conclude with a Q&A session addressing O365 mailbox security concerns.

Intro
Agenda
Why Compromise
Mastery of an Attack
Initial Compromise
Areas of Attacks
MFA
Phishing
Voicemail
Dropbox
Phishing Contacts
Basic Auth
Mailbox
Mail Rules
Audit Log
VPN Traffic
Onward Compromise
Individual Motive
Phishing Emails
What can we do
Enable MFA
Audit logs
Basic MFA
Blocking Mail
Practice Log
Compromise
Questions
O365 Mailbox Bleeding