Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
The majority of Fortune 500 organizations are using Azure Active Directory (Azure AD) as Identity and Access Management (IAM) solution. The high adoption rate makes Azure AD a lucrative target for threat actors, including statesponsored actors like APT29, Nobelium. Azure AD is leveraging Microsoft s notsowelldocumented Evolved Security Service (eSTS). eSTS hides multiple security token services so that users see only Azure By: Sravan Akkaram, Nestori Syynimaa (DrAzureAD) Full Abstract and Presentation Materials:
|
|