
Zenity

Zenity Helps Microsoft Identify and Remediate Critical Security Risk in Power Automate Desktop

About seven months ago at Defcon, Zenity CTO Michael Bargury presented security research that discovered and outlined a way to take over Microsoft Power Automate, enabling bad actors to send ransomware to connected machines by using Power Automate as it was designed. Our research showed that, by simply taking over an endpoint, attackers can run their own payloads and execute malware by assigning machines to a new administrative account using a basic command line.

RSAC 2023: A Summary

With the dust now settled and life returning to some semblance of normalcy, we’ve still been ruminating on our week in San Francisco. It was an incredible and busy week, with a lot of top-notch sessions, discussions, and of course the bustling expo. We compiled some of our daily thoughts after each full day at the show, which you can read here, but now with some perspective, we wanted to share our four most memorable takeaways from RSA Conference 2023.

Where There's No Code, There's No SDLC

When developing applications, organizations rely heavily on the software development lifecycle (SDLC) to ingrain security into the development process early and continuously. The SDLC lays out how to build security into the early steps as developers create and test applications. As such, organizations are able to embed security practices when it matters most.

The Cross-Tenant Power Platform Connectors Vulnerability - Are You Safe Now?

Last week, on March 31st, NetSPI researchers announced that they found a cross-tenant Azure vulnerability in the Microsoft Power Platform connectors infrastructure, which allowed them to then access “at least 1,300 secrets/certificates in 180+ vaults”. In this article, we set out to analyze the root cause behind this vulnerability, explain its impact, and provide our own recommendations for Power Platform users and administrators.

NetSPI Finds a Power Platform Vulnerability. 4 Things to Do About It

Recent research from penetration testing company NetSPI found that Azure on-premises data gateways allow Power Platform and Power BI to access customer resources and databases. Threat researchers found that these gateways can communicate with Power Platform through an Azure service called Azure Relay (previously known as Azure Service Bus).

Employee Rewards Automation: A Case Study of Exposed PII in Power Automate

In recent years, companies have been looking for ways to streamline their HR processes and make them more efficient. It has also become practically feasible for business users such as HR professionals to create their own solutions, due to the wave of citizen development which is exploding worldwide. Huge market players perceive this as a growth area and are heavily investing in providing solutions and platforms that enable business users to build what they need, when they need it.

AI Has Your Business Data

Some of the world’s largest tech companies, like Google and Microsoft, have embedded AI into their business productivity suites, with Microsoft going a step further and releasing AI Copilot for Power Apps, its low-code platform. This integration has raised concerns over the decision-making power granted to business users to integrate data with AI and grant access, which can be done without oversight or control from IT.