less than 1 minute read

Last year, Microsoft’s Detection and Response Team (DART) published the timeline of an attack which leveraged Power Platform, Microsoft’s low-code platform. Using live-off-the-land techniques, the attackers were able to exfiltrate sensitive corporate data and maintain complete Office 365 access for 240 days! This post presents an in-depth analysis of the attack.