Pervasive Account Takeovers in Integration Platforms for Workflow Automation, Virtual Voice Assistants, IoT, and LLM Services

Explore a critical Black Hat conference presentation that uncovers severe security vulnerabilities in integration platforms used for workflow automation, virtual assistants, IoT devices, and LLM services. Dive deep into newly discovered authorization attacks affecting 24 out of 25 mainstream integration platforms, leading to account takeovers and privacy breaches. Learn about the technical details of three distinct attacks on authorization frameworks, including two methods enabling account takeovers and one causing forced account linking of arbitrary services. Understand how improper OAuth-based account linking implementation by major vendors compromises session integrity, with some attacks requiring minimal user interaction and potentially compromising Microsoft 365 suite or Azure services through a single click. Gain valuable insights into security best practices, mitigation strategies, and learn from vendors' unsuccessful remediation attempts. Presented by researchers from The Chinese University of Hong Kong and Samsung Research America, this 37-minute talk provides essential knowledge for security professionals working with integration platforms and authorization frameworks.