Here’s How the Microsoft Cloud Gets Hacked
… a few different IP addresses to attempt to break into an account.
Metcalf describes a customer that had no MFA configured on any accounts, enabling an attacker to password-spray any environment. Because cloud and on-premises systems had the same passwords, they could break into one account, connect to a VPN, and gain access to a corporate environment.
“That’s an extension of how bad an attack like that can be,” Metcalf says.
The two hope attendees take away a better understanding of security risks inherent to cloud services, how attackers exploit misconfigurations, and where they might be vulnerable. While their content is focused on Microsoft, some attack and defense topics apply to other providers.
Kelly Sheridan is the staff editor at Channel Futures’ sister site, Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. You can follow her on Twitter @kellymsheridan.
- Page 1
- Page 2