Sign up to save your podcasts
Or
Share How a Pharmacist Became a Pro Hacker (And What She Found in YOUR Tenant)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How a Pharmacist Became a Pro Hacker (And What She Found in YOUR Tenant)
Cybersecurity expert Erica shares her incredible journey from pharmacist to becoming a professional hacker. She reveals how attackers are bypassing modern security controls like MFA and what you can do to protect your tenant.
We talk about the most common configuration vulnerabilities that exist in almost every organization, the dangers of application onboarding, and the top five phishing vectors threat actors are using to gain initial access, including clever abuses of Microsoft Teams.
Subscribe with your favorite podcast player or watch on YouTube ๐
About Erica
Erica has an amazing career arc, starting in pharmacy before pivoting to cybersecurity. With a deep, hands-on understanding of offensive security gained from platforms like Hack the Box and real-world penetration testing, she specializes in protecting and defending Microsoft Cloud tenants. Erica is passionate about sharing her knowledge on how to better protect your tenant and what bad guys are looking for.
LinkedIn - https://www.linkedin.com/in/erica-z-b4169598/
๐ Related Links
* Blog - https://ericazelic.medium.com/
* Hack The Box - https://www.hackthebox.com/
* Altered Security - https://www.alteredsecurity.com/
๐ Chapters
00:00:00 Intro
00:02:14 From Pharmacy to Cybersecurity
00:07:19 Learning to Hack with Hack The Box
00:11:45 The First Cloud Hack: M365 Public Groups
00:17:50 The Hidden Dangers of App Onboarding
00:25:53 The 5 Modern Phishing Attack Vectors
00:30:36 Bypassing MFA with Device Code Phishing
00:34:34 Adversary-in-the-Middle & Auth Downgrade Attacks
00:48:24 The Secret to Mastering Cybersecurity Skills
Podcast Apps
๐๏ธ Entra.Chat - https://entra.chat
๐ง Apple Podcast โ https://entra.chat/apple
๐บ YouTube โ https://entra.chat/youtube
๐บ Spotify โ https://entra.chat/spotify
๐ง Overcast โ https://entra.chat/overcast
๐ง Pocketcast โ https://entra.chat/pocketcast
๐ง Others โ https://entra.chat/rss
Merill's socials
๐บ YouTube โ youtube.com/@merillx
๐ LinkedIn โ linkedin.com/in/merill
๐ค Twitter โ twitter.com/merill
๐บ TikTok โ tiktok.com/@merillf
๐ฆ Bluesky โ bsky.app/profile/merill.net
๐ Mastodon โ infosec.exchange/@merill
๐งต Threads โ threads.net/@merillf
๐ค GitHub โ github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
View all episodes
By Merill Fernando
5
55 ratings
Cybersecurity expert Erica shares her incredible journey from pharmacist to becoming a professional hacker. She reveals how attackers are bypassing modern security controls like MFA and what you can do to protect your tenant.
We talk about the most common configuration vulnerabilities that exist in almost every organization, the dangers of application onboarding, and the top five phishing vectors threat actors are using to gain initial access, including clever abuses of Microsoft Teams.
Subscribe with your favorite podcast player or watch on YouTube ๐
About Erica
Erica has an amazing career arc, starting in pharmacy before pivoting to cybersecurity. With a deep, hands-on understanding of offensive security gained from platforms like Hack the Box and real-world penetration testing, she specializes in protecting and defending Microsoft Cloud tenants. Erica is passionate about sharing her knowledge on how to better protect your tenant and what bad guys are looking for.
LinkedIn - https://www.linkedin.com/in/erica-z-b4169598/
๐ Related Links
* Blog - https://ericazelic.medium.com/
* Hack The Box - https://www.hackthebox.com/
* Altered Security - https://www.alteredsecurity.com/
๐ Chapters
00:00:00 Intro
00:02:14 From Pharmacy to Cybersecurity
00:07:19 Learning to Hack with Hack The Box
00:11:45 The First Cloud Hack: M365 Public Groups
00:17:50 The Hidden Dangers of App Onboarding
00:25:53 The 5 Modern Phishing Attack Vectors
00:30:36 Bypassing MFA with Device Code Phishing
00:34:34 Adversary-in-the-Middle & Auth Downgrade Attacks
00:48:24 The Secret to Mastering Cybersecurity Skills
Podcast Apps
๐๏ธ Entra.Chat - https://entra.chat
๐ง Apple Podcast โ https://entra.chat/apple
๐บ YouTube โ https://entra.chat/youtube
๐บ Spotify โ https://entra.chat/spotify
๐ง Overcast โ https://entra.chat/overcast
๐ง Pocketcast โ https://entra.chat/pocketcast
๐ง Others โ https://entra.chat/rss
Merill's socials
๐บ YouTube โ youtube.com/@merillx
๐ LinkedIn โ linkedin.com/in/merill
๐ค Twitter โ twitter.com/merill
๐บ TikTok โ tiktok.com/@merillf
๐ฆ Bluesky โ bsky.app/profile/merill.net
๐ Mastodon โ infosec.exchange/@merill
๐งต Threads โ threads.net/@merillf
๐ค GitHub โ github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
More shows like Entra.Chat
View all
StarTalk Radio
14,347 Listeners
The Infinite Monkey Cage
1,951 Listeners
WSJ Tech News Briefing
1,649 Listeners
Risky Business
372 Listeners
Down the Security Rabbithole Podcast (DtSR)
99 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
Click Here
418 Listeners
Microsoft Cloud IT Pro Podcast
66 Listeners
Darknet Diaries
8,078 Listeners
Hacking Humans
315 Listeners
Three Buddy Problem
61 Listeners
Hybrid Identity Protection Podcast
3 Listeners
CISO Tradecraftยฎ
48 Listeners
Risky Bulletin
45 Listeners
Critical Thinking - Bug Bounty Podcast
55 Listeners