Cyber attacks have become increasingly sophisticated, often targeting users through collaboration tools like Microsoft Teams. Attackers leverage techniques like AiTM (Adversary-in-the-Middle) to steal user credentials and execute automated data exfiltration before defenders even realise what’s happening. Organisations need to understand these emerging threats and how to defend against them effectively using Microsoft technologies.

What will be covered:
- How Teams phishing and social engineering attacks can unfold and mitigation techniques using Teams, and Defender for Office 365.
- Credential theft through AiTM reverse proxy attacks and the role that Conditional Access, Entra ID and Defender XDR has in mitigating these threats.
- Potential attacker footholds (persistence), how you can limit and proactively threat hunt for potential attempts.
- How to effectively configure Privileged Identity Management to stop privilege escalation in it's tracks.
- Automated data exfiltration and how Microsoft Purview and Defender for Cloud Apps provide visibility and protection.

By joining this session, attendees will gain a practical understanding of how cyber attacks evolve through phishing, session theft, and data exfiltration. They will learn how to deploy Microsoft’s security solutions to detect, prevent, and mitigate these threats, strengthening their defences against real-world attacks.

Products:
Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, Entra Identity Protection, Conditional Access, Privileged Identity Management, Microsoft Information Protection.

This session was delivered at Scottish Summit 2024 but with a Harry Potter twist to it - Decided to switch it up and remove the HP theme.