Category: Office365

Attack Simulator for Office 365 Threat Intelligence – Password Spray Attack

Pirate,

the third attack simulation method is a password spray attack. In a password-spray attack, a hacker tests a single password against multiple user accounts at an organization. The method often involves weak passwords, such as Winter2018 or Password123!, and can be an effective hacking technique against organizations that are using single sign-on (SSO) and federated authentication protocols, but that haven’t deployed multi factor authentication.

 

 

Continue reading

Attack Simulator for Office 365 Threat Intelligence – Brute Force Password Attack

Pirate,

A Brute Force Attack is the simplest method to gain access to a site or server. It is an automated, trial-and-error method of generating multiple password guesses from a dictionary file against a user’s password. Automated software is used to generate a large number of consecutive guesses as to the value of the desired data. An attack of this nature can be time- and resource-consuming. Hence the name “brute force attack;” success is usually based on computing power and the number of combinations tried rather than an ingenious algorithm.

 

Continue reading

Attack Simulator for Office 365 Threat Intelligence – Spear Phishing Attack

Pirate,

in the first part we had a look into attack simulator and the included scenarios. We discussed which scenario does what in detail and what you need to set up as a preparation. In this blog post we will check out the spear phishing attack that is meant to harvest credentials. Spear phishing is a very common e-mail spoofing attack scenario that targets a specific individual or organization with the goal to get access to sensitive information. Furthermore I have seen this attack method with the intend to install malware on a targeted user’s computer.

 

Continue reading

Attack Simulator for Office 365 Threat Intelligence – Overview and Preparation

Pirate,

Email spam is once again the most popular choice for sending out malware. Spam has been one of the main infection vectors for decades. During the past few years, it’s gained more popularity against other vectors, as systems are getting more secure against software exploits and vulnerabilities. A recent report of F-Secure reports that spam email click rates have gone up from the 13.4% recorded in the second half of 2017 to 14.2% recorded in the first half of the year. To protect against these attack vectors is nearly impossible as a majority of attacks leads to web pages never seen before and due to the the sheer infinite range of these attack vectors. The only thing that really improves our security level is permanent education of our users.

On ‎02-21-2018  Microsoft has announced the Public Preview of Attack Simulator for Office 365 Threat Intelligence. In preparation of some customer workshops I had a first look into the product that I want to share with you.

Continue reading

© 2017 IT-Pirate