For this webcast we cover a couple of different topics.
First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks. This has implications for UBEA. It is… kind of cool.
Second, we cover how to do recon against Azure Active Directory. We are seeing a huge push by organizations to move to cloud AD. And what is not to love? Placing your most sensitive authentication and authorization asset directly on the Internet…What could possibly go wrong? Well, watch and find out.
Slides available here: https://blackhillsinformationsecurity.shootproof.com/gallery/8463077