“Probably the most essential for Cloud Security”

Sign in Get a demo

Past event

Speaking session

BingBang: Hacking Bing.com (and much more) with Azure Active Directory

Oceanside C, Level 2

August 9, 2023, 11:20 AM

In cloud-managed environments, exposing one of your most sensitive assets to external attackers can be as simple as clicking a checkbox.

This was the case for Bing.com with their Azure Active Directory (AAD) integration, where a single misconfiguration enabled us to bypass authentication, alter search results, and launch XSS attacks on its users stealing their Office 365 tokens. However, Bing was not an isolated case. Join us to learn how to identify and map exposed Azure AD applications, as well as how to protect them in your environment.

Speakers

Hillai Ben-Sasson
Senior Security Researcher at Wiz

Related Events

Wiz hosted party

WIZ Happy hour at 1923 Prohibition Bar

1923 Prohibition Bar

August 8, 2023, 19:00 PM

Sponsored by Wiz

Cyberstarts and its portfolio companies party at Black Hat

Lupo by Wolfgang Puck at Mandalay Bay Resort & Casino

August 9, 2023, 19:30 PM

Speaking session

Anatomy of a Cloud Attack: Insights from Real-Life Experiences

Business Hall – Theatre C

August 10, 2023, 10:55 AM

View all events

Didn't find what you were looking for?

Check out our live training sessions for Wiz users (requires login)