For this podcast we cover a couple of different topics.
First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks. This has implications for UBEA. It is… kind of cool.
Second, we cover how to do recon against Azure Active Directory. We are seeing a huge push by organizations to move to cloud AD. And what is not to love? Placing your most sensitive authentication and authorization asset directly on the Internet…What could possibly go wrong? Well, watch and find out.
Slides available here: https://blackhillsinformationsecurity.shootproof.com/gallery/8463077
Want to know when our next live webcast is? Sign up for our emails here:https://blackhillsinfosec.us15.list-manage.com/subscribe?u=e12efe2af6573cc76c90fc019&id=b7b017ed3a