

Episode 97: Current State of M365 Attacks: Enumeration
Jun 19, 2024
In this discussion, Tyler Roberts, a Microsoft 365 security expert and penetration tester, delves into the latest enumeration techniques used in attacks against M365. He explains how attackers identify tenants and validate accounts, spotlighting the risks associated with user enumeration and password spraying. Roberts emphasizes the importance of strong security measures, including multi-factor authentication, and sheds light on vulnerabilities in services like SharePoint. IT admins gain actionable insights to better protect their organizations from these evolving threats.
Chapters
Transcript
Episode notes
1 2 3 4 5
Intro
00:00 • 2min
The Importance of Enumeration in Penetration Testing
01:55 • 3min
Enumeration in Microsoft 365 Attacks
04:30 • 7min
Unlocking Vulnerabilities: User Enumeration in Microsoft 365
11:38 • 12min
Understanding Vulnerabilities and Enumeration in Microsoft 365 Attacks
23:42 • 2min