The Microsoft Email Hack - Service/User Accounts Used for OAUTH SSO w/ Greg Kutzbach Artwork

#AuditTuesday GRC Podcast

Every Tuesday we're sharing valuable content for you with the leading authorities in GRC, Compliance and Identity Security.

All Episodes

#AuditTuesday GRC Podcast

The Microsoft Email Hack - Service/User Accounts Used for OAUTH SSO w/ Greg Kutzbach

February 29, 2024 • YouAttest • Season 2 • Episode 6

Who: Greg Kutzbach, Digital Forensic Expert, Exhibit A Cyber

Garret Grajek, CEH, CISSP, CEO of YouAttest

Microsoft just suffered a major attack on their internal email systems. The culprits were deemed to be Russian state actors.

It appears the attackers overtook “legacy” accounts and created malicious OAUTH access. Cyber forensic expert Greg Kutzbach, an expert on digital discovery, will spell out the hack, and more importantly, how organizations can defend themselves.

The start of the solution to this problem is review of the permissions - especially the permissions on service accounts. YouAttest will show how enterprises can both review their current accounts and be triggered on changes in permission on service and other key accounts.

Need to automate your identity audits? Contact us at YouAttest - we will show you how - https://youattest.com/contact/