Dr Nestori Syynimaa
Senior Principal Security Researcher Secureworks
BIOGRAPHY
Dr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher since 2021. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years.
Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat Arsenal USA & Europe, RSA Conference, DefCon Cloud Village and DefCon Demo Labs.
Abusing Azure AD pass-through authentication vulnerabilities
In May 2022, Secureworks Counter Threat Unit (CTU) researcher found multiple vulnerabilities in one of the Microsoft Azure Active Directory (Azure AD) authentication methods, Pass-through Authentication (PTA). These flaws allow threat actors to gain persistent and undetected access to the target organisation, impersonate users, gather credentials, and perform Denial of Service (DoS) attacks remotely. Microsoft has categorised these vulnerabilities as by-design.
In this talk, we will cover the details of the flaws and show how they can be exploited in action. We will also show how to harden your environment to protect against PTA attacks and detect whether your environment has been compromised.
Are you the next cyber security superstar?
If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.
Other speakers joining this year
Ionut Cernica
Application Security Engineer
Dan Demeter
Security Researcher
Amirhossein Aliakbarian
Application Security Engineer Booking Holdings
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
COMPETITIONS
Sponsors & Partners
They help us make this conference possible.
POWERED BY
Orange Business is a key division of Orange Romania, specializing in providing cutting-edge communication, technology, and digital transformation solutions tailored to businesses of all sizes. With a strong emphasis on innovation, Orange Business offers a wide array of services, including high-speed connectivity, cloud computing, cybersecurity, Internet of Things (IoT), and managed services. Their mission is to support organizations in their digital transformation journey by enhancing operational efficiency, improving customer experience, and maintaining a competitive edge in a rapidly changing digital environment.
Orange Business combines deep technological expertise with a customer-centric approach, ensuring that each solution is customized to meet the specific needs of their clients. Their commitment to innovation and excellence makes them a trusted partner for businesses seeking to thrive in the digital age.
PLATINUM PARTNERS
GOLD PARTNERS
SILVER PARTNER
BRONZE PARTNERS
HACKING VILLAGE PARTNERS
EXHIBITORS
VIP LOUNGE POWERED BY
ORGANIZER
INTERNATIONAL COMMUNITY PARTNERS
MEDIA PARTNERS
