A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Attacking with Automation: How Office 365 automation provides another new risk to the cloud - Trent Lo Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Attacking with Automation: How Office 365 automation provides another new risk to the cloud
Trent Lo
Derbycon 2019

Office 365 is already an integral process of everyday business that empowers corporations the flexibility to get the job done faster and more efficiently. But what happens when, those same processes turn on you, and bypass protections that were meant to mitigate risks, and become undocumented features?This talk will begin by showing how to exfiltrate inbox data over an infinite amount of time without the use of Exchange Rules, PowerShell or Physical Access to the victim machine all while being resilient to password changes. Finally I'll demonstrate how to issue command and control commands through innocuous looking emails to perform actions within the Office 365 Environment where I can interact with an on premise host and bypass security controls such as DLP, AV and Firewall.

Trent Lo is a seasoned and well regarded speaker with over 15 years of security research, Incident Response and protecting large scale infrastructure from advanced cyber threat actors. Trent?s technical expertise and understanding of the inherent risks corporations face today has given him a unique ability to build strong cyber defenses to proactively and predictively detect and disrupt cyber threats.

@surbo

Back to Derbycon 2019 video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast