Microsoft Teams, Patreon, and Uber

This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Patreon to lay off their entire internal information security team. The also talk about Uber's on-going cybersecurity incident including some initial reports of how it happened as well as mitigations to prevent this type of attack in the future. ------------------------------------------- Youtube Video Link: https://youtu.be/FWnEma4hOWQ ------------------------------------------- Documentation: https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens https://techcrunch.com/2022/09/09/patreon-security-layoffs/ https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-faqs ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]