Explore critical security vulnerabilities in Entra ID guest access through this eye-opening conference talk from x33fcon. Learn how the assumed restricted access and deny-by-default settings for guests can be bypassed, enabling unauthorized access to sensitive data including SQL servers and Azure resources. Discover how guest accounts can be exploited to set up internal phishing apps and deploy persistent backdoors. Through live demonstrations, examine the stark contrast between intended guest user limitations and actual capabilities, including methods to access SQL server dumps, SharePoint sites, OneDrive, and Key Vault credentials. Dive deep into Azure AD guest configurations, understanding the delicate balance between resource sharing and security controls like conditional access policies. Investigate the Power Platform's business application capabilities and associated security risks, particularly how misconfigurations can lead to data exposure and facilitate internal phishing attacks. Get hands-on experience with a newly released security tool and learn practical defense strategies to protect Office 365 environments against these emerging threats.