Most common O365 attack vectors

Severity

High

Date

28 September 2021, 23:00:00

Impact

-

Type

Threat/Attack Vector

Poor security configuration

28 Sept 2021

Included: Azure AD PowerShell, domain and user enumeration, bruteforce via OWA, EWS, OAuth, Auto Login, AAD sign-in form, golden SAML and others.

Description

Affected Products

Recommendations

References