365 Summary

Uploaded by

S Mula

0% found this document useful (0 votes)

13 views1 page

Attack surface

Original Title

365 summary

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Attack surface

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

13 views1 page

365 Summary

Uploaded by

S Mula

Attack surface

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 1

Search inside document

‎Investigate unusual use patterns for

‎accounts

‎https://compliance.microsoft.com ‎Use Unified Access Logging Data

‎Not available for all access levels

‎Less-featured licenses offer fewer

‎Handles may different authentication
‎monitoring capabilities
‎Watch for Unauthorized Account ‎Cloud SaaS Endpoint ‎functions for Microsoft 365
‎License Downgrades
‎Look for accounts of E5, E3 level being ‎Publicly Accessible
‎demoted to P1, SBP
‎ icrosoft 365 Incident
M
‎Response: Identification ‎Status code reveals details
‎Unauthorized Conditional Access policy ‎about targeted user
‎changes

‎Look for MFA Access Changes ‎Invalid credentials

‎New geographic, IP address MFA
‎exceptions
‎login.microsoft.com ‎MFA (Microsoft) required
‎Returns Detailed Errors
‎ et-Mailbox -Identity donovan.lea@
G
‎falsimentis.com | Format-List *audit* ‎MFA (third-party) required

‎Investigate Accounts with Disabled ‎Account disabled

‎-AuditEnabled=$false
‎Auditing

‎-AuditOwner @() ‎Account locked out

‎Search logs for Set-Mailbox commands
‎with arguments:
‎Attacker Opportunity for Password
‎-AuditDelegate @()
‎Attacks

‎-AuditAdmin @()

‎Attack/Defense Tool ‎Leverages login.microsoft.com for

‎Password Spray
‎Requires valid credentials!
‎Checks Multiple Microsoft Login
‎MSOLSpray ‎Uses Error Codes to Optimize Attack
‎Endpoints
‎Use without valid credentials may trigger
‎account lockout ‎Takes a User List and a Single Password
‎MFASweep
‎Identified Endpoints That Don't Require
‎e.g., Conditional Access exceptions ‎MFA ‎On-by-default Feature for Microsoft 365

‎Offers Brief Recommendations to ‎Attempts to Thwart Many Types of ‎Some advanced capabilities available with
‎Leverage Access ‎Password Attacks ‎more expensive user licenses
‎ ICROSOFT 365
M
‎PASSWORD ATTACKS ‎Account Lockout: Disable Login for
‎Universally applied across accounts ‎Azure Smart Lockout ‎Single Account ‎After multiple failed attempts
‎Basic MFA is Effective
‎Doesn't always meet business needs ‎After 10 login failures regardless of
‎username
‎Permit exceptions to MFA requirements ‎Source Blocking: Don't Allow IP to Login
‎After 3 login failures for Azure .gov
‎Geolocation
‎Smart Lockout Defeats Common Spray
‎IP addresses or ranges of IP addresses ‎MFA Bypass  ‎Attacks ‎... when originating from a single source IP
‎Conditional Access (CA)

‎Specific platforms
‎Amazon AWS Service
‎Legacy systems
‎Maps a single hostname to multiple
‎microservices
‎Looking for opportunities to login ‎Attackers Use Valid Credentials with
‎without MFA ‎MFA
‎HTTP Service for API Connectivity ‎Each worker has a unique IP

‎Uses thousands of HTTP workers

‎Attack Tool to Easily Setup AWS API ‎Worker IPs originate in the AWS IP
‎Gateway ‎AWS API Gateway ‎address space ‎For the target region

‎Specify a Command, Region, and URL ‎Cheap! ‎1 million requests is $1

‎Attacker submits HTTP requests through ‎FireProx Creates the AWS API Gateway ‎Attacker can proxy requests to target
‎FireProx ‎HTTP endpoint
‎AWS API Gateway hostname ‎Endpoint ‎ ttackers will use cloud services
A
‎against your organization
‎ enerates URL like https://7t4id9w399.
G ‎AWS API GW forwards attacker request
‎execute-api.us-east-1.amazonaws.com/ ‎Attacker Opportunity to Masquerade IP ‎through worker
‎fireprox/
‎ ttackers can be very crafty in
A
‎Integrates with MSOLSpray ‎Each request will come from a different
‎how they implement attacks
‎Specify FireProx API URL with ‎source IP address
‎MSOLSpray -URL parameter

SAP Business Network Administration Process Guide
Document152 pages
SAP Business Network Administration Process Guide
charan.swastik
No ratings yet
Lukhdhirji Engineering College (Diploma), Morbi.: Local Search Engine Project (UDP)
Document22 pages
Lukhdhirji Engineering College (Diploma), Morbi.: Local Search Engine Project (UDP)
vicky popat
No ratings yet
Identity and Access Management Simplified
Document10 pages
Identity and Access Management Simplified
Manish Agarwal
No ratings yet
Windows Matrix
Document1 page
Windows Matrix
folalik
No ratings yet
IBM Tivoli Access Manager For Enterprise Single Sign-On
Document6 pages
IBM Tivoli Access Manager For Enterprise Single Sign-On
Poorna Kumar
No ratings yet
Sample Tech Writing - Solution Architecture, Ritzie Edson V. Lamina
Document25 pages
Sample Tech Writing - Solution Architecture, Ritzie Edson V. Lamina
ritzieevlamina
No ratings yet
ARX Presenation PDF
Document10 pages
ARX Presenation PDF
intellectdesign
No ratings yet
Dark Trace - Mapping To MITRE
Document19 pages
Dark Trace - Mapping To MITRE
Donghan Kim
No ratings yet
Enable or disable Keycloak features
Document5 pages
Enable or disable Keycloak features
hisyam darwis
No ratings yet
Pharma Planning
Document1 page
Pharma Planning
Bhavin Fadadu
No ratings yet
Eilago 2.0 Master-Features
Document4 pages
Eilago 2.0 Master-Features
Mazhar Waqar
No ratings yet
Ems E3
Document1 page
Ems E3
andini eldananty
No ratings yet
Usecase Diagram For Visitor: Availableconnections
Document12 pages
Usecase Diagram For Visitor: Availableconnections
Balu
No ratings yet
A2 - Broken Authentication: © 2020 Nexusguard Limited - Confidential & Proprietary
Document9 pages
A2 - Broken Authentication: © 2020 Nexusguard Limited - Confidential & Proprietary
Cesar Jr Salacata
No ratings yet
Online Shopping System Synopsis by Atulya and Sakshi
Document147 pages
Online Shopping System Synopsis by Atulya and Sakshi
Atulya Agrawal
No ratings yet
B2B Project Planning
Document14 pages
B2B Project Planning
Gian Bacay
No ratings yet
(EV 2.4) (8-Sep-21) Access Request - 08sep
Document2 pages
(EV 2.4) (8-Sep-21) Access Request - 08sep
sohaib siddique
No ratings yet
Fort I Authenticator
Document6 pages
Fort I Authenticator
Prem
No ratings yet
Step-by-Step SAP BI Security: Kamaljeet - Kharbanda
Document22 pages
Step-by-Step SAP BI Security: Kamaljeet - Kharbanda
Javeed Petashaik
No ratings yet
M&E System Architecture For UNICEF - Turkey: Sub-Form Bulder
Document1 page
M&E System Architecture For UNICEF - Turkey: Sub-Form Bulder
Mohammad Ereiqat
No ratings yet
BKJ S4hana2021 BPD en MX
Document47 pages
BKJ S4hana2021 BPD en MX
Diego Agüero
No ratings yet
Lateral Movement Detection GPO Settings Cheat Sheet: Accounts, Users and Groups
Document1 page
Lateral Movement Detection GPO Settings Cheat Sheet: Accounts, Users and Groups
Sergio Tamayo
No ratings yet
Overview of Payroll Integrations
Document10 pages
Overview of Payroll Integrations
rifki
No ratings yet
Online Grocery Shopping Made Easy
Document40 pages
Online Grocery Shopping Made Easy
Zia Rahman
No ratings yet
1ez S4hana2021 BPD en MX
Document37 pages
1ez S4hana2021 BPD en MX
Enrique Marquez
No ratings yet
Sprint 18 Showcase V1
Document12 pages
Sprint 18 Showcase V1
Medha Khajuria
No ratings yet
Key Clock
Document6 pages
Key Clock
Jithin M
No ratings yet
Supervised By: RAJIB DAS Lecturer of CSE Dep. Istt
Document19 pages
Supervised By: RAJIB DAS Lecturer of CSE Dep. Istt
Mirza Waleed
No ratings yet
PDF Dokumentum
Document1 page
PDF Dokumentum
Petra Farkas
No ratings yet
Employee Management System
Document1 page
Employee Management System
Olugbile Adeyinka Olumide
No ratings yet
Mailing System
Document23 pages
Mailing System
Stromer07
No ratings yet
Sim 208
Document62 pages
Sim 208
jatinashra
No ratings yet
Fina Cle Overview U Corr B 1709719131632
Document17 pages
Fina Cle Overview U Corr B 1709719131632
Avishek Khan
No ratings yet
FIWS-DCM-AN-BI Portal Service Architecture - v0.1
Document8 pages
FIWS-DCM-AN-BI Portal Service Architecture - v0.1
Nam Nguyễn Thành
No ratings yet
1ez S4hana2021 BPD en in
Document34 pages
1ez S4hana2021 BPD en in
venkat
No ratings yet
Kofax MarkView AP Solution Overview
Document8 pages
Kofax MarkView AP Solution Overview
Sesirekha Ravinuthula
No ratings yet
weAccess user request
Document1 page
weAccess user request
PRECIOUS DIANNE BARDON-MEMPIN
No ratings yet
Agenda: Stage Setting - EDM Intro EDM Governance Who Are The Data Stewards ? EDM Requirements
Document3 pages
Agenda: Stage Setting - EDM Intro EDM Governance Who Are The Data Stewards ? EDM Requirements
sudiptocontact17
No ratings yet
New Updated PAM Access Request Form-3
Document1 page
New Updated PAM Access Request Form-3
bekiami2013
No ratings yet
i-bizRAKYAT maintenance form updates
Document2 pages
i-bizRAKYAT maintenance form updates
Khairul Abidin
No ratings yet
Evidian WAM Training Material
Document180 pages
Evidian WAM Training Material
uuekshiidkfhslkjdi
No ratings yet
Sun Identity Manager and SAP GRC
Document46 pages
Sun Identity Manager and SAP GRC
Burak Semir
100% (1)
Fairsure Impl Document
Document5 pages
Fairsure Impl Document
kevinakaluzia
No ratings yet
Identity and Access Management PMI Westchester Quality SIG Presentation September 12 2017
Document20 pages
Identity and Access Management PMI Westchester Quality SIG Presentation September 12 2017
venkatesh VR
No ratings yet
SRM PASSPORT SYSTEM
Document327 pages
SRM PASSPORT SYSTEM
tamilarasi87thulasi
No ratings yet
SFAFINITY vs SalesForce comparison
Document4 pages
SFAFINITY vs SalesForce comparison
Anonymous pmzOTxa
No ratings yet
Registrasi, Login, Pembayaran Tagihan, Transfer dalam Aplikasi Agen
Document2 pages
Registrasi, Login, Pembayaran Tagihan, Transfer dalam Aplikasi Agen
Widyawan Widarto 闘志
No ratings yet
Building Microsoft Teams Integration and Workflows
Document310 pages
Building Microsoft Teams Integration and Workflows
Rafa Moscote
No ratings yet
Create Customer Record (PWM)
Document1 page
Create Customer Record (PWM)
Ram Mohan Mishra
No ratings yet
RDP_DFIR_AD
Document1 page
RDP_DFIR_AD
lekshmanp1
No ratings yet
Datasheet Password Reset Server
Document2 pages
Datasheet Password Reset Server
Radu Costin
No ratings yet
External User (Agent) Registration Use Case-Diagram: Create Online Account
Document16 pages
External User (Agent) Registration Use Case-Diagram: Create Online Account
Sawijames
No ratings yet
External User (Agent) Registration Use Case-Diagram: Create Online Account
Document16 pages
External User (Agent) Registration Use Case-Diagram: Create Online Account
Sawijames
No ratings yet
WeAccess Revised Exhibit 11 - Resetting of Password User ID Activation Unlocking v.2
Document1 page
WeAccess Revised Exhibit 11 - Resetting of Password User ID Activation Unlocking v.2
April Rose Alagos
No ratings yet
Web Application Penetration Testing Checklist: More Than 200 Custom Testcases Prepared By: Tushar Verma Recon Phase
Document13 pages
Web Application Penetration Testing Checklist: More Than 200 Custom Testcases Prepared By: Tushar Verma Recon Phase
holog
No ratings yet
Identity-Centrify PAM in Action: A Step-by-Step Approach
Document1 page
Identity-Centrify PAM in Action: A Step-by-Step Approach
Shahram Samet
No ratings yet
Web Application Penetration Testing Checklist: More Than 200 Custom Test Cases Prepared By: Tushar Verma Recon Phase
Document13 pages
Web Application Penetration Testing Checklist: More Than 200 Custom Test Cases Prepared By: Tushar Verma Recon Phase
Hafa kali
No ratings yet
5 SAP Cloud Identity Access Gov Access Request
Document29 pages
5 SAP Cloud Identity Access Gov Access Request
Sasha Bank
No ratings yet
2007-2008 NEW Electrical Engineering Titles
Document40 pages
2007-2008 NEW Electrical Engineering Titles
meenakshi sharma
No ratings yet
Eoy - CS (Vi) 23-24
Document3 pages
Eoy - CS (Vi) 23-24
www.shahbazhaider165
No ratings yet
Capcut Use
Document16 pages
Capcut Use
Datu Donnavie
100% (1)
Estoque
Document56 pages
Estoque
Gustavo Oliveira
No ratings yet
Super Mario Color by Number
Document13 pages
Super Mario Color by Number
Adriana Cruz
No ratings yet
SAP FMS - Planning
Document38 pages
SAP FMS - Planning
Pallavi Rastogi
No ratings yet
Global Master's in Blockchain Technologies: Master's Degree by The IL3-Universitat de Barcelona
Document4 pages
Global Master's in Blockchain Technologies: Master's Degree by The IL3-Universitat de Barcelona
Aungsinghla Marma
No ratings yet
MA8692 Supplement EU ML
Document4 pages
MA8692 Supplement EU ML
Maxsilva85
No ratings yet
My Updated Resume - MQ Administrator
Document4 pages
My Updated Resume - MQ Administrator
Chiranjeevi K
No ratings yet
11 Training and Support
Document9 pages
11 Training and Support
carsan87
No ratings yet
Automatic Speed Control and Accident Avoidance of Vehicle Using
Document34 pages
Automatic Speed Control and Accident Avoidance of Vehicle Using
K Hari
No ratings yet
Unit 4 - Python
Document10 pages
Unit 4 - Python
Prakash M
No ratings yet
Lab 05 - Boolean Function Implementation
Document10 pages
Lab 05 - Boolean Function Implementation
Nashowan Gamal Alhadrmi
No ratings yet
Automate financial consolidation and reporting
Document2 pages
Automate financial consolidation and reporting
Sarwar Golam
No ratings yet
Computeractive - 27 September 2023
Document76 pages
Computeractive - 27 September 2023
9stm1q96
No ratings yet
Adc 1
Document29 pages
Adc 1
A10-14Rajat Kumar
No ratings yet
Manual Sigma
Document2 pages
Manual Sigma
espartanotpm
No ratings yet
Process Synchronization: Silberschatz, Galvin and Gagne ©2013 Operating System Concepts - 9 Edition
Document66 pages
Process Synchronization: Silberschatz, Galvin and Gagne ©2013 Operating System Concepts - 9 Edition
Utkarsh
No ratings yet
Leach Routing Protocol Implementation in ns2
Document38 pages
Leach Routing Protocol Implementation in ns2
regragui
50% (2)
PACOM 8003 Intelligent Controller Datasheet
Document4 pages
PACOM 8003 Intelligent Controller Datasheet
ADA
100% (1)
Jam Digital: Praktikum Komponen List
Document11 pages
Jam Digital: Praktikum Komponen List
Muhaimin Hasanudin
No ratings yet
Importance of The Management Information System
Document2 pages
Importance of The Management Information System
Kazim Azrul
No ratings yet
San Gabriel Senior High School Poblacion, San Gabriel, La Union Formative Test Empowerement Technologies-11 (Quarter 4)
Document2 pages
San Gabriel Senior High School Poblacion, San Gabriel, La Union Formative Test Empowerement Technologies-11 (Quarter 4)
Glenda Astodillo
No ratings yet
Instruction 1115 Fuel Limit Adjustment
Document9 pages
Instruction 1115 Fuel Limit Adjustment
Sergei Kurpish
No ratings yet
Datasheet FLOWSIC600-XT p406745 en
Document22 pages
Datasheet FLOWSIC600-XT p406745 en
Marco Apodaca
No ratings yet
Security Quiz
Document5 pages
Security Quiz
Ianne Merh
100% (1)
Fas 22
Document15 pages
Fas 22
sam tariq
No ratings yet
Program 2
Document8 pages
Program 2
api-515961562
No ratings yet
Etulink Product Map
Document30 pages
Etulink Product Map
Alexander Pischulin
No ratings yet
Computer Fundamentals Guide
Document17 pages
Computer Fundamentals Guide
Mohit Pachar
No ratings yet