Episode 97: Current State of M365 Attacks: Enumeration

In this discussion, Tyler Roberts, a Microsoft 365 security expert and penetration tester, delves into the latest enumeration techniques used in attacks against M365. He explains how attackers identify tenants and validate accounts, spotlighting the risks associated with user enumeration and password spraying. Roberts emphasizes the importance of strong security measures, including multi-factor authentication, and sheds light on vulnerabilities in services like SharePoint. IT admins gain actionable insights to better protect their organizations from these evolving threats.