Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise

Microsoft Intune is a cloud-based endpoint management solution designed to manage a variety of devices, including PCs and mobile devices across multi platforms. This solution assists IT administrators with tasks such as configuration management, compliance assessment, and data protection. Therefore, an increasing number of enterprises are adopting Intune for their device management needs. In this presentation, we will share insights into the internal mechanisms discovered through the analysis of Intune. During our research, we identified several under-documented features (which Microsoft does not classify as vulnerabilities) that allow attackers to easily bypass Condtional Access in Microsoft Entra ID by leveraging Intune. Furthermore, by abusing Intune's various capabilities, we discovered that attackers could gain access to on-premises Active Directory and internal network infrastructure. We will disclose the techniques and tools used to exploit Intune for breaching both cloud and on-premises infrastructures. Additionally, we will provide recommendations to secure your corporate IT environment against these disclosed attack vectors. By: Yuya Chudo | Principal Consultant, Secureworks Japan K. K. Full Abstract and Presentation Materials: https://ift.tt/RrcomBO

source https://www.youtube.com/watch?v=YX5P99JUwlw