Varonis -CYBER ATTACK WORKSHOP

Hacker Snacks: Those Cookies Will Go Straight to Your SaaS

Watch our hacker compromise one user and gain persistent access to many SaaS apps.

We’ll use a reverse HTTP tunnel to evade common detections, steal cookies and credentials, and make AWS, GitHub, and Salesforce data publicly accessible!

Learn how SaaS authentication works, watch the attack unfold, and see how DatAdvantage Cloud spots suspicious activity.

It’ll be recorded. So if you can’t make it, register and we’ll send you the replay.

The first 100 people to register will be entered to win a $250 (€/£ equivalent available) gift card during the session! (You must attend the session to win)

Here’s a High-Level Overview of How this Attack Plays Out:

• An attacker targets a user through a phishing email to establish a C2 channel
• Uses homemade script to dump all credentials and cookies from the user’s browser
• Sets up a reverse tunnel to bypass geohopping and network-based alerts
• Bypasses MFA using stored cookies and token from the user
• Shares out SaaS repositories to be used in the future without detection
• Sets up API access in Salesforce to siphon vital company information

After we walk through the attack, our team will use DatAdvantage Cloud to investigate what alerts would have been triggered during the attack and how this could be easily mitigated with the appropriate visibility.

This webinar will be recorded. So if you can’t make it, register now and we’ll send you the replay.

All attendees are eligible to earn 1 (ISC)² CPE credit!