In order to get started, you need to have your phishing domain in Office 365. This key is only valid for a certain time (more on that later in this post). First, it adds encryption to the files you protect and second before the designated user can open the document, it has to contact Azure to verify the identity to obtain the decryption key. That way, it would not matter if the sandbox got the file since it will not be possible for it to read the contents.ĪIP works in two ways. During this engagement, it struck me like a bolt of lightning that I could use AIP (also known as Rights Management Service) to protect the attachments and even the email so that only the designated recipient could open it. The idea came during an engagement where I was having trouble getting phishing emails into users’ inboxes without being caught by a sandbox on the way. In this blog post, I will go over how to use Azure Information Protection (AIP) to improve phishing campaigns from the perspective of an attacker. By Oddvar Moe in Cloud Assessment, Security Testing & Analysis, Social Engineering
0 Comments
Leave a Reply. |