AmeroBehroozi_square

Amero Behroozi

Engineer, Varonis

I have over 13 years’ experience in the IT industry, the last 6 have been dedicated to the security field. I have an extensive range of experience in the Telco and Finance space with operational (PS), architectural and sales experience and now specialise in Security and Compliance solutions.

Here’s an outline of how the attack works:

  • We trick a user into entering creds into our fake O365 login page (made with evilginx)
  • We make Microsoft send a passcode to the user’s phone
  • User enters their passcode on OUR fake page
  • We hijack the user’s session token
  • Gain access to SharePoint Online environment
  • Exfiltrate data from O365
  • Pivot to on-prem and steal CEO’s emails (because why not?)
Our Clients