Päivän agendalla helikopteri ja mäyrä, eli Exchange RCE, Brute Ratel ja muutama sana MFA:n kiertämisestä.
MFA Fatigue & Chromium Application Mode:

• https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/defend-your-users-from-mfa-fatigue-attacks/ba-p/2365677
• https://mrd0x.com/phishing-with-chromium-application-mode/

Exchange RCE:

• https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/
• https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
• https://twitter.com/gossithedog/status/1578415137031352320?s=46&t=KeVQW4u6YTNTnCmlBUSlKw

Brute Ratel:

• https://www.splunk.com/en_us/blog/security/deliver-a-strike-by-reversing-a-badger-brute-ratel-detection-and-analysis.html
• https://research.splunk.com/stories/brute_ratel_c4/

Intro & Outro music by Ephmerix @ https://ephmerix.com/
Graphics by Panu Palm @ https://panupalm.fi/

Instagram: https://www.instagram.com/uhkametsa/
Linkedin: https://www.linkedin.com/company/uhkametsa/
X: https://twitter.com/uhkametsa