Defending Against New Phishing Attacks that Abuse OAuth Authorization Flows

Available On Demand
Thursday, Jun. 9, 2022
9:40 AM - 10:30 AM PT
Moscone West 3018

Users are prompted to login at the real Microsoft login page, real domain, real cert, and also have MFA enabled. But they've just been phished by a new attack that abuses the OAuth authorization protocol. The attacker is not stopped by the MFA controls and has full access to all of the Microsoft data including Office and Azure. This session will show how to detect and mitigate these phishing attacks.

Interested? We have you covered! This popular session will also be streamed live in The Session Viewing Point, West Level 2 Room 2004.


Session Video

Participants
Jenko Hwong

Speaker

Cloud Security Researcher, Netskope

Hackers & Threats Identity

cloud security hackers & threats identity management & governance phishing access control



Session Code
IDY-R02

Topic/Track
Identity

Type/Format
Track Session

Classification
Intermediate - Technical

Pass Requirements
  • Full Conference
  • Press
  • College Day
  • Digital Pass
  • Speaker


Share With Your Community