all InfoSec news
Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
Sept. 6, 2023, 6:27 p.m. | Black Hat
Black Hat www.youtube.com
Azure AD is leveraging Microsoft's not-so-well-documented Evolved Security Service (eSTS). eSTS hides multiple security token services so that users see only Azure AD.....
By: Sravan Akkaram , Nestori Syynimaa (DrAzureAD)
Full Abstract and Presentation Materials:
https://www.blackhat.com/asia-23/briefings/schedule/#abusing-azure-active-directory-from-mfa-bypass-to-listing-global-administrators-30860
abusing access access management active directory administrators adoption apt29 azure azure active directory azure ad bypass directory global high iam identity identity and access identity and access management listing management mfa microsoft nobelium organizations rate security service solution sponsored state target threat threat actors
More from www.youtube.com / Black Hat
Locknote: Conclusions and Key Takeaways from Day 2
2 weeks, 3 days ago |
www.youtube.com
Locknote: Conclusions and Key Takeaways from Day 1
2 weeks, 3 days ago |
www.youtube.com
Keynote: My Lessons from the Uber Case
2 weeks, 3 days ago |
www.youtube.com
The Black Hat Europe Network Operations Center (NOC) Report
2 weeks, 4 days ago |
www.youtube.com
My Invisible Adversary: Burnout
3 weeks, 1 day ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network Security Engineer
@ Meta | Menlo Park, CA | Remote, US
Security Engineer, Investigations - i3
@ Meta | Washington, DC
Threat Investigator- Security Analyst
@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
Security Operations Engineer II
@ Microsoft | Redmond, Washington, United States
Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas
@ Goldman Sachs | Dallas, Texas, United States