Members of ACA Aponix’s penetration testing team, Jeff Standley, Senior Principal Consultant, and Derek Van Natta, Consultant, attended DEF CON, one of the world’s largest and most prominent annual hacker conferences, August 11-14, 2022. Crowds of information security professionals, journalists, lawyers, federal employees, law enforcement agents, students, and hackers alike gathered at DEF CON’s 30th convention to talk all things hacking and cybersecurity. Read Jeff and Derek’s Q&A below for a breakdown of what they learned about the industry’s newest trends, tools, and attack vectors.

**Are there any emerging attack trends for which our clients should be on the lookout?**

## OAuth attack techniques against Microsoft® Office 365®

Attack techniques involving Open Authorization (OAuth), an open standard for access delegation, directed at Microsoft Office 365 (O365) are becoming more mature and effective. Jenko Hwong, a principal engineer at Netskope, delved deeply into this emerging trend in his presentation “OAuthsome Magic Tricks: Yet More OAuth Abuse”. Because the attack method closely resembles a standard O365 user’s experience with corporate applications, and because users typically do not possess a clear understanding of how the underlying application authorization processes function, this technique is ripe for abuse.

## Implications

By configuring a fake OAuth application within O365, an attacker could leverage the application in an illicit consent grant phishing attack to obtain permissions to the victim’s O365 resources. Microsoft defines this as an attack where “the attacker creates an Azure-registered application that requests access to data such as contact information, email, or documents. The attacker then tricks an end user into granting that application consent to access their data.”

A successful phish would present the victim with a login session at a legitimate O365 resource to approve vague permission grants for the attacker. Since the login session is to a legitimate O365 endpoint, it could bypass many current phishing controls that rely on blocking malicious sites or sites with a low reputation score. Once permissions are granted, an attacker could use the assumed application identity to access the granted resources within the victim’s O365 environment.

End user education regarding the granting of application permissions will be key in preventing this newly maturing attack vector. ACA’s penetration test team expects criminal communities to increasingly propagate these attacks, as well as develop additional automated tooling to carry them out.

Major corporations and organizations globally dramatically increased their adoption of Kubernetes (K8s), an open-source container orchestration system for automating deployment, scaling, and management of containerized applications. Its containerization provides significant benefits in numerous business scenarios, which explains the uptick in adoption.
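The illicit consent grant attack described in the Implications section above leaves a durable artifact: a delegated permission grant for an application the user consented to. A tenant can therefore complement user education with a periodic review of those grants. The following is an added example written for this page, not code from ACA Aponix, Microsoft or Netskope. It assumes the grant records have the shape of Microsoft Graph `oauth2PermissionGrant` objects (`clientId`, `consentType`, `principalId`, `resourceId`, `scope`); the risk weights, the allow-list of reviewed client IDs and the sample grants are all constructed for the example and are not a Microsoft rating or real tenant data.

```python
"""Triage delegated OAuth permission grants for signs of consent-grant abuse.

Added example, not ACA's or Microsoft's code. Input records are assumed to look
like Microsoft Graph `oauth2PermissionGrant` objects; the sample grants at the
bottom are constructed for this example and come from no real tenant.
"""
from dataclasses import dataclass
from typing import Optional

# Delegated Graph scopes that give an app broad reach into mail, files and contacts.
# The weights are an assumption of this example, not a Microsoft risk rating.
HIGH_RISK_SCOPES = {
    "Mail.Read": 3,
    "Mail.ReadWrite": 4,
    "Mail.Send": 4,
    "Files.Read.All": 3,
    "Files.ReadWrite.All": 4,
    "Contacts.Read": 2,
    "MailboxSettings.ReadWrite": 3,
}
# offline_access yields a refresh token, so the app keeps access after the
# phishing session ends; it raises the score of any other risky scope present.
PERSISTENCE_SCOPE = "offline_access"

# Client IDs the tenant has already reviewed (placeholder values, constructed).
KNOWN_GOOD_CLIENT_IDS = {"00000000-0000-0000-0000-00000000aaaa"}


@dataclass
class Finding:
    client_id: str
    principal_id: Optional[str]
    consent_type: str
    risky_scopes: list
    score: int


def triage_grant(grant: dict) -> Optional[Finding]:
    """Return a Finding when a grant carries risky delegated scopes, else None."""
    if grant["clientId"] in KNOWN_GOOD_CLIENT_IDS:
        return None
    scopes = grant.get("scope", "").split()          # Graph stores scopes space-separated
    risky = sorted(s for s in scopes if s in HIGH_RISK_SCOPES)
    if not risky:
        return None
    score = sum(HIGH_RISK_SCOPES[s] for s in risky)
    if PERSISTENCE_SCOPE in scopes:
        score += 2
    # Per-user consent ("Principal") is exactly what a phished user produces;
    # tenant-wide consent ("AllPrincipals") should only ever come from an admin.
    if grant["consentType"] == "Principal":
        score += 1
    return Finding(grant["clientId"], grant.get("principalId"),
                   grant["consentType"], risky, score)


def triage_tenant(grants: list, threshold: int = 4) -> list:
    """Return findings at or above the threshold, highest score first."""
    findings = [f for f in (triage_grant(g) for g in grants) if f and f.score >= threshold]
    return sorted(findings, key=lambda f: f.score, reverse=True)


# Constructed sample grants (not real tenant data).
SAMPLE_GRANTS = [
    {   # a vetted corporate app, admin-consented tenant-wide
        "clientId": "00000000-0000-0000-0000-00000000aaaa",
        "consentType": "AllPrincipals", "principalId": None,
        "resourceId": "graph", "scope": "Mail.ReadWrite offline_access",
    },
    {   # an unknown app a single user consented to: mail + files + refresh token
        "clientId": "00000000-0000-0000-0000-00000000bbbb",
        "consentType": "Principal", "principalId": "user-1",
        "resourceId": "graph", "scope": "User.Read Mail.Read Files.Read.All offline_access",
    },
    {   # an unknown app that only reads the user's own profile
        "clientId": "00000000-0000-0000-0000-00000000cccc",
        "consentType": "Principal", "principalId": "user-2",
        "resourceId": "graph", "scope": "User.Read",
    },
]

if __name__ == "__main__":
    for f in triage_tenant(SAMPLE_GRANTS):
        print(f"score={f.score} client={f.client_id} user={f.principal_id} scopes={f.risky_scopes}")
```

Run against a real export, only the second sample grant is reported: an unreviewed app, consented to by one user, holding mail and file scopes plus a refresh token is the profile the attack above produces, while the admin-consented corporate app and the profile-only app are left alone. The allow-list and weights are the parts a tenant would tune.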