Friday 13 November 2020, 11am-12noon (GMT)
With the shift to a remote workforce, attacks are on the increase. We will demonstrate how hackers can attack cloud applications like Office 365. You will see how an attacker gains access to SharePoint Online using a phishing attack and proceeds to access sensitive organisational files, move laterally from cloud to on-prem and even escalate privileges to gain access to a CEO’s mailbox. Piece of cake!
During the session, you will get to see how Dave:
- Tricks a user into entering creds into our fake O365 login page (made with Evilginx)
- Makes Microsoft send a passcode to the user’s phone
- Enters the user’s passcode on OUR fake page
- Hijacks the user’s session token
- Gains access to SharePoint Online environment
- Exfiltrates data from O365
- Pivots to on-prem and steals the CEO’s emails… because why not?!
Join us as we show you how this attack is executed and how you can detect and respond.
Martin Smith MBE, Chairman & Founder, The SASIG
Dave Philpotts, Security Engineer, Varonis