BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.cccv.de//MCGKUA
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-38c3-MCGKUA@cfp.cccv.de
DTSTART;TZID=CET:20241230T110000
DTEND;TZID=CET:20241230T114000
DESCRIPTION:All I wanted was for Microsoft to deliver my phishing simulatio
 n. This journey took me from discovering trivial vulnerabilities in Micros
 oft's Attack Simulation platform\, to a Chinese company to which Microsoft
  outsourced its support department that wanted all my access tokens. I fin
 ally ended up hijacking remote PowerShell sessions and obtaining all data 
 from random Microsoft 365 tenants\, all the while reeling in bug bounties 
 along the way.
DTSTAMP:20241227T122743Z
LOCATION:Saal 1
SUMMARY:From Simulation to Tenant Takeover - Vaisha Bernard
URL:https://fahrplan.events.ccc.de/congress/2024/fahrplan/talk/MCGKUA/
END:VEVENT
END:VCALENDAR