BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: From Feature to Weapon: Breaking Microsoft Teams and
 \n   SharePoint Integrity\n   When: Saturday\, Aug 12\, 12:00 - 12:45 PDT\
 n   Where: Caesars Forum - Academy - 407-410 - Track 4 - [1]Map\n\n   Spea
 kerBio:Nestori Syynimaa \, Senior Principal Security Researcher at\n   Sec
 ureworks\n   Dr Nestori Syynimaa is one of the leading Azure AD / M365 exp
 erts in\n   the world and the developer of the AADInternals toolkit. He ha
 s worked\n   with Microsoft cloud services for over a decade and has been 
 MCT since\n   2013\, MVP since 2020\, and awarded Microsoft Most Valuable 
 Security\n   Researcher for 2022. Currently\, Dr Syynimaa works as a Senio
 r\n   Principal Security Researcher for Secureworks Counter Threat Unit.\n
    Before moving to his current position\, Dr Syynimaa worked as a CIO\,\n
    consultant\, trainer\, researcher\, and university lecturer for almost 
 20\n   years. Dr Syynimaa has spoken in many international scientific and\
 n   professional conferences\, including IEEE TrustCom\, Black Hat (USA\,\
 n   Europe\, and Asia)\, Def Con\, and RSA Conference.\n   Twitter: [2]@Dr
 AzureAD\n\n   Description:\n   Microsoft SharePoint Online (SPO) is a clou
 d-based service that helps\n   organizations share and manage content. It 
 is also used as backend\n   file storage for other Microsoft online servic
 es\, such as Microsoft\n   365 Groups\, OneDrive\, and Teams.\n\n   Micros
 oft offers tools such as Migration Manager and SharePoint\n   Migration To
 ol (SPMT) to ease migrating files from on-premises file\n   servers to SPO
 \, OneDrive\, and Teams. Both tools use the same\n   background APIs to pe
 rform the data migration. Technically\, the\n   migration is leveraging th
 e built-in Granular Backup feature of\n   on-premises SharePoint\, which a
 llows exporting and importing\n   individual SharePoint sites and lists. T
 he Granular Backup feature is\n   not available in SharePoint Online.\n\n 
   In this talk\, I'll show how threat actors can leverage SPO migration\n 
   APIs to break the integrity of all Microsoft online services that use\n 
   SPO as storage. Threat actors can spoof new content and tamper with\n   
 existing content\, and inject custom code to perform XSS attacks. This\,\n
    in turn\, enables elevation-of-privilege attacks to all Microsoft\n   O
 nline services\, including Azure Active Directory. And all this as a\n   r
 egular user.\n\n   '\n\n   1. #CaesarsAcademyBR\n   2. https://twitter.com
 /DrAzureAD\n\n\n
DTEND:20230812T194500Z
DTSTART:20230812T190000Z
LOCATION:DC - Caesars Forum - Academy - 407-410 - Track 4
SUMMARY:From Feature to Weapon: Breaking Microsoft Teams and SharePoint Int
 egrity
END:VEVENT
END:VCALENDAR