Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Breaking Microsoft Teams and SharePoint Through Migration APIs

DEFCONConference via YouTube

Overview

Learn about critical security vulnerabilities in Microsoft SharePoint Online (SPO) and connected Microsoft services in this DEF CON 31 conference presentation. Explore how migration APIs intended for transferring data between on-premises and cloud environments can be exploited by threat actors to compromise system integrity. Discover the technical details of how regular users can leverage SharePoint's Granular Backup feature to spoof content, tamper with existing files, and execute XSS attacks across Microsoft's online ecosystem. Gain insights into elevation-of-privilege attack vectors that can impact Azure Active Directory and other Microsoft cloud services through SPO's backend file storage role in Microsoft 365 Groups, OneDrive, and Teams.

Syllabus

DEF CON 31 - From Feature to Weapon Breaking Microsoft Teams and SharePoint - Nestori Syynimaa

Taught by

DEFCONConference

Reviews

Start your review of Breaking Microsoft Teams and SharePoint Through Migration APIs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.