[0x54504D] - The Virtual Meet
Details
[0x54504D] - The Virtual Meet
After embracing the new normal, the brightest, most anticipated holiday season comes with a health warning. Amid an intense heatwave, being cool or keeping a cool head at work or anywhere else is hard. Everyone needs to recharge to keep up with the insane InfoSec world. Nevertheless, we'll surely figure out how to find the time for a most deserved break from the daily grind. Before heading, maybe for a marathon of postponed weddings, concerts, and parties, or a spiritual retreat, here's an overview of our last event before the summer break.
This time we'll have the amazing honor of receiving Dirk-jan Mollema (@_dirkjan), hacker and researcher of Active Directory and Azure AD at Outsider Security. You may be familiar with aclpwn, krbrelayx, mitm6, and the Azure AD ROADtools framework, some of the open-source tools published to advance the state of (Azure) AD research. In his blog dirkjanm.io, he posts about attack chains, which included, for instance, the discovery of the PrivExchange vulnerability. Mollema also regularly shares his work at several key conferences.
Together, we'll explore one of his latest research quests, "Breaking Azure AD joined endpoints in zero-trust environments." If you are clueless about how Azure AD, Trusted Platform Module (TPM), and zero-trust environments are connected or how messy they can be, you probably won't want to miss this journey, from discovery to patch (eventually) a walk through the vulnerabilities details. This may well be the route map you need to keep out of a sticky situation.
In the meantime, you can join our Slack chat (*) to discuss all kinds of hackish stuff and, of course, interact with other members.
*https://bit.ly/3JlVVjX
Hope to see you soon!
[Goals]
Learn something new, get to know other g33ks, and, the most important thing, have fun.
[Agenda]
"Breaking Azure AD joined endpoints in zero-trust environments" (EN) by Dirk-jan Mollema
Note: And the usual challenge write-up.
[Challenge]