This week, Adam and Andy talk about Microsoft Teams and the post-exploit technique that was discovered by Vetra's Project Team and the decision of Patreon to lay off their entire internal information security team. The also talk about Uber's on-going cybersecurity incident including some initial reports of how it happened as well as mitigations to prevent this type of attack in the future.

-------------------------------------------

Youtube Video Link: https://youtu.be/FWnEma4hOWQ

-------------------------------------------

Documentation:

https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens

https://techcrunch.com/2022/09/09/patreon-security-layoffs/

https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-faqs

-------------------------------------------

Contact Us:

Website: http://bluesecuritypod.com

Twitter: https://twitter.com/bluesecuritypod

Linkedin: https://www.linkedin.com/company/bluesecpod

Youtube: https://www.youtube.com/c/BlueSecurityPodcast

Instagram: https://www.instagram.com/bluesecuritypodcast/

Facebook: https://www.facebook.com/bluesecpod

Twitch: https://www.twitch.tv/bluesecuritypod

-------------------------------------------

Andy Jaw

Twitter: https://twitter.com/ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Email: [email protected]

-------------------------------------------

Adam Brewer

Twitter: https://twitter.com/ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Email: [email protected]