Beyond the Basics: Microsoft 365 Attacks We Didn’t See Coming
ฝัง
- เผยแพร่เมื่อ 14 ต.ค. 2024
- Even in the fast-paced world of incident response, you will likely come across similar attack patterns, particularly with Business Email Compromise Investigations. We've all come across an incident where you feel like you could write the final report right then and there. However, even the most experienced investigators can sometimes be surprised by the creativity of advanced threat actors. In this talk, we cover three unique real-life case studies that demonstrate that creativity: one where an APT actor leveraged certificate theft to gain M365 access, one where a threat actor flipped the script on an email allowlist, and one where a ransomware threat actor used email security software to hide in plain sight. By attending this talk, participants will gain insights into unique Microsoft 365 attack techniques seen in the wild. Attendees will also gain a new perspective on defending their organization's Microsoft 365 environment against advanced threats.
SANS DFIR Summit 2023
Speakers:
John Ailes, Senior Consultant - DFIR, Aon
Julia Paluch, DFIR Consultant, Aon
View upcoming Summits: www.sans.org/u/DuS
👍