Attacking with Automation: How Office 365 automation provides another new risk to the cloud

Attacking with Automation: How Office 365 automation provides another new risk to the cloud

Office 365 is already an integral process of everyday business that empowers corporations the flexibility to get the job done faster and more efficiently. But what happens when, those same processes turn on you, and bypass protections that were meant to mitigate risks, and become undocumented features?This talk will begin by showing how to exfiltrate inbox data over an infinite amount of time without the use of Exchange Rules, PowerShell or Physical Access to the victim machine all while being resilient to password changes. Finally I'll demonstrate how to issue command and control commands through innocuous looking emails to perform actions within the Office 365 Environment where I can interact with an on premise host and bypass security controls such as DLP, AV and Firewall.

Presented by