Azure Front Door AiTM Phishing
We take a technical deep dive into a sophisticated set of Adversary in The Middle infrastructure utilising Azure Front Door, custom crypto, various redirects off of legitimate services as well as clever usage of hash values to better evade detection and ensure only the intended targets are able to access the phishing infrastructure.
Where Conditional Access Risk Policies Fail…
Certain Microsoft recommended conditional access policy templates are allowing AiTM attacks to fly under the radar on the false assumption that MFA is not phishable. We look at the flaws in this specific template and how you can alter it so that it doesn’t present a risk.