Explore the potential security risks associated with Office365 adoption in enterprises through this 36-minute Black Hat conference talk. Delve into the practical implications of allowing Microsoft's SaaS offerings into corporate environments, focusing on how malicious actors can exploit these platforms. Learn about covert command and control (C2) techniques using Office365 and PowerShell, gaining insights into the often-overlooked hazards of rapid cloud adoption. Discover real-world examples and strategies to better evaluate and mitigate risks in your organization's cloud infrastructure.
Infecting the Enterprise - Abusing Office365 + Powershell for Covert C2
Overview
Syllabus
Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
Taught by
Black Hat
Related Courses
-
Windows Agentless C2 - Abusing the MDM Client Stack
-
Reinvestigating PowerShell Attacks
-
Flying a False Flag - Advanced C2, Trust Conflicts, and Domain Takeover
-
JEA - A PowerShell Toolkit to Secure a Post-Snowden World
-
Log in Your Own Eye - Exploiting a Stealthy C2 Channel in Azure Logging Infrastructure
-
Walking Your Dog in Multiple Forests - Breaking AD Trust Boundaries through Kerberos Vulnerabilities
