Hackers Abuse Low-Code Platforms And Turn Them Against Their Owners

less than 1 minute read

Last year, Microsoft’s Detection and Response Team (DART) published the timeline of an attack which leveraged Power Platform, Microsoft’s low-code platform. Using live-off-the-land techniques, the attackers were able to exfiltrate sensitive corporate data and maintain complete Office 365 access for 240 days! This post presents an in-depth analysis of the attack.

Direct Link

Share on

Twitter Facebook LinkedIn

Safe Web Browsing for Copilots

1 minute read

Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...

Followup links for All You Need Is Guest RSAC 2024

less than 1 minute read

Assorted links for All You Need Is Guest @ RSAC 2024:

Power Platform DLP Bypass via Copy-And-Paste

6 minute read

Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...

All You Need Is Guest

7 minute read

This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.

Michael Bargury