Threat Update 78 - Abusing Power Automate to Exfiltrate Data from Microsoft 365
source link: https://www.varonis.com/blog/threat-update-78-abusing-power-automate-to-exfiltrate-data-from-microsoft-365
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Inside Out Security Blog / Data Security
Threat Update 78 - Abusing Power Automate to Exfiltrate Data from Microsoft 365
Automation is key when trying to manage and protect your ever-increasing infrastructure and data footprint—especially in Microsoft 365. Smart attackers have been living off the land for years, abusing built-in functionality for malicious purposes—and Microsoft 365 is no exception.
Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team explore how a powerful, built-in tool called Power Automate can be configured to automatically exfiltrate data out of Microsoft 365 environments and what organizations can do to detect it.
Kilian Englert
Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cyber security and technology best practices.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK