Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Cloudy with a Chance of APT - Novel Microsoft 365 Attacks in the Wild

Black Hat via YouTube

Overview

Explore novel techniques used by APT groups to persistently access and extract data from Microsoft 365 in this 45-minute Black Hat conference talk. Gain insights into the technical underpinnings of these attacks, including disabling security features, manipulating mailbox folder permissions, and exploiting application vulnerabilities. Learn about potential extensions of these techniques and prepare your organization for emerging threats. Discover how attackers abuse app registrations, perform key derivation, and execute enterprise application hijacking. Understand the motivations behind these attacks and equip yourself with the knowledge to detect and mitigate these advanced persistent threats in cloud environments.

Syllabus

Intro
What's Going On?
Disabling Security Features
Mailbox Folder Permissions
Common Permissions
Detection
Types of Applications
Application Permissions
Secrets and Certificates
Enterprise Application Hijacking
Abuse of App Registrations
Key Derivation
Farmville
Replicating
Why?

Taught by

Black Hat

Reviews

Start your review of Cloudy with a Chance of APT - Novel Microsoft 365 Attacks in the Wild

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.