Azure AD is used by Microsoft Office 365 and over 2900 third-party apps. Although Azure AD is commonly regarded as secure, there are known security issues regarding to identity federation, pass-through authentication, and seamless single-sign-on.
In this session, using AADInternals toolkit, I will demonstrate how to create backdoors, impersonate users, and bypass MFA. Methods for detecting rogue behaviour are also introduced.
The purpose of this session is to raise awareness of the information security, the importance of the principle of least privilege, and the crucial role of on-prem security to cloud security.
source
More About This Author

Array
YouTube2021.07.09Scottish Summit YouTube Promo – YouTube
YouTube2021.04.05Natraj Yegnaraman – Becoming an Action hero with GitHub and Power Platform – YouTube
YouTube2021.04.05EE Lane Yu – Tips to Build Inclusive Canvas Power Apps – YouTube
YouTube2021.03.31Wriju Ghosh – Web Developers Journey to Cloud – YouTube