Threat Update 56 – SSO Imposter: Targeting Box

In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker who compromised a single sign-on admin account can maximize their effort, perform recon on a connected Box environment, elevate account rights, and make malicious configuration changes to allow anonymous data sharing.

Ryan and Kilian also discuss tips on how organizations can defend against these types of attacks.

.youtube_sc iframe.yp{display:none;}

The Adobe Flash Player is required for video playback.
Get the latest Flash Player or Watch this video on YouTube.

👉Watch more attack scenarios here: https://www.varonis.com/webinars/

👋To learn how else we can help, please visit us at: https://www.varonis.com/help/

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
Download our free report and learn the risks associated with SaaS data exposure.
Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Kilian Englert

Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.