Overview
Explore advanced attack techniques targeting Microsoft Entra Connect's synchronization mechanisms in this 20-minute conference talk from fwd:cloudsec Europe 2025. Discover how SyncJacking and SoftMatching Abuse vulnerabilities exploit architectural trust assumptions between Active Directory and Microsoft Entra ID to enable identity hijacking and impersonation in hybrid cloud environments. Learn about SyncJacking, a Hard Matching process vulnerability that allows attackers to forcibly associate Entra ID cloud identities with compromised on-premises accounts, confirmed as a valid security issue by Microsoft's MSRC. Examine SoftMatching Abuse techniques that target weaknesses in the Soft Matching process to maliciously link accounts and maintain persistent access with minimal detection footprint. Watch live demonstrations showcasing end-to-end exploitation scenarios from reconnaissance through privilege escalation, while gaining practical insights into both offensive techniques and defensive strategies for securing hybrid identity synchronization systems. Presented by Tomer Nahum, a Security Researcher at Semperis and Microsoft Most Valuable Researcher (MVR) award recipient, who specializes in discovering attacks against on-premises and cloud identity infrastructures.
Syllabus
SyncJacked - Hijacking Identities Through Entra Connect Synchronization
Taught by
fwd:cloudsec