Head of Security Analysis of Information Systems, М-13
Captain of the CTF team rm-rf, two-time winner of the VolgaCTF competitions (2012 and 2013). Technical Director of the M*CTF competition in 2014-2016. Lecturer at the Department No. 42 Cryptology and Cyber Security of NRNU MEPhI.
The spread of Office365, the use of Microsoft email servers and the enhancement of antispam technologies stimulate development of new vectors of phishing attacks. Standard phishing methods are less likely to work since emails cannot get into the user’s inbox. This has become a big problem with RedTeam campaigns. The report will explain how you can make a successful phishing attack using legitimate technologies to protect documents sent by email. We discuss one of the popular tools, Azure Information Protection, and a few cases that demonstrate the ability to bypass antispam solutions and ensure the delivery of a phishing email to the inbox.