Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)

Channel:
United States All Hacking Cons
Subscribers:
6,070
Published on ● Video Link: https://www.youtube.com/watch?v=FziUlZyCxaI


Duration: 50:23
57 views
0

Sean Metcalf | CTO, Trimarc
Mark Morowczynski | Principal Program Manager, Microsoft
Location: South Pacific
Date: Wednesday, August 7 | 11:15am-12:05pm
Format: 50-Minute Briefings
Tracks: Enterprise, Network Defense

The allure of the "Cloud" is indisputable. Organizations are moving into the cloud at a rapid pace. Even companies that have said no to the Cloud in the past have started migrating services and resources. The Cloud is a new paradigm and the rapid update pace makes it difficult to keep up, especially when it comes to security.

This presentation focuses on the Microsoft Cloud (Office 365 & Azure AD) and explores the most common attacks against the Cloud and describes effective defenses and mitigation. While the content is focused on the Microsoft Cloud, some of the attack and defense topics are applicable to other cloud providers and are noted where applicable.

Key items covered:
Attacks against the Cloud
Account compromise and token theft
Methods to detect attack activity
Cloud identity firewall
Securing cloud infrastructure against attacks
Secure cloud administration

Black Hat - USA - 2019 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-07Exploiting the Hyper V IDE Emulator to Escape the Virtual Machine
2022-01-07Infighting Among Russian Security Services in the Cyber Sphere
2022-01-07All Your Apple are Belong to Us: Unique Identification and Cross-Device Tracking of Apple Devices
2022-01-07Exploring the New World : Remote Exploitation of SQLite and Curl
2022-01-07Firmware Cartography: Charting the Course for Modern Server Compromise
2022-01-07API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web
2022-01-07Fantastic Red-Team Attacks and How to Find Them
2022-01-07Arm IDA and Cross Check Reversing the Boeing 787's Core Network
2022-01-07Finding a Needle in an Encrypted Haystack: Detect the Most Prevalent Attacks on Active Directory
2022-01-07Flying a False Flag: Advanced C2, Trust Conflicts, and Domain Takeover
2022-01-07Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)
2022-01-07GDPArrrrr: Using Privacy Laws to Steal Identities
2022-01-07Finding Our Path: How We're Trying to Improve Active Directory Security
2022-01-07Ghidra - Journey from Classified NSA Tool to Open Source
2022-01-07Bounty Operations: Best Practices and Common Pitfalls to Avoid in the First 6-12 Months
2022-01-07Attacking Electric Motors for Fun and Profit
2022-01-07Death to the IOC What's Next in Threat Intelligence
2022-01-07Going Beyond Coverage-Guided Fuzzing with Structured Fuzzing
2022-01-07Debug for Bug Crack and Hack Apple Core by Itself
2022-01-07Hacking Ten Million Useful Idiots: Online Propaganda as a Socio-Technical Security Project
2022-01-07Breaking Encrypted Databases: Generic Attacks on Range Queries


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
code
thief
protection
network
fraud
malware
secure
identity
software
access
safety
theft
system
firewall
communication
account
program
hacked
hacking conference
conference
how to
2022
cybersecurity
owned
break in
securing
exploit
exploitation
recon
Sean Metcalf
Mark Morowczynski
cloud attacks
account compromise
token theft
methods detect attack
cloud administration