Exploiting the O365 Duo 2FA Misconfiguration

An interesting talk on understanding the O365 Duo 2FA misconfiguration and how it can be detected and remediated.

Introduction

A lot of companies implement Duo 2-Factor Authentication for O365. If this is not configured properly, it can allow mobile clients to authenticate without triggering the Duo prompt.

This video is presented by Cassandra Young, a security professional focussing on cloud security architecture and engineering. She is also one of the organisers of Blue Team Village.

This video is part of the tech talks presented at Cloud Village. Cloud Village is an open space dedicated to people interested in cloud security; it runs activities such as talks, workshops, CTFs, and discussions around cloud.

What to expect from this video

The following topics are covered in this video:

  1. Overview of O365 Authentication Types and Email Protocols
  2. Understanding the Misconfiguration
  3. Conditional Access Policies in Azure Active Directory
  4. Understanding Conditions
  5. Apple’s iOS Mail App Use Case
  6. A look at Conditional Access Policies before and after August 2020
  7. Detecting the Misconfiguration
  8. Remediating the Misconfiguration

Key Takeaways

This video introduces you to O365 authentication types and various email protocols. The presenter gives an overview of conditional access policies in Azure Active Directory and explains what leads to the misconfiguration. She uses Apple’s iOS Mail App as a use case to demonstrate the misconfiguration. Cassandra Young also shares ways to detect this misconfiguration and what one can do to remediate it.

***

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security.