Posts

Showing posts from August, 2019

Introducing the Office 365 Mail Token

Image
Shared passwords, sensitive documents: mailboxes are great targets for attackers. Would you know they were targeted? We’ve got your back! Our Office 365 token deploys to thousands of mailboxes in minutes and alerts you when someone is snooping around. Why an Office 365 Mail token? Enterprises have been flocking (ha) to Office 365 for years now and a large number of Thinkst customers are using it. The Canaries will detect attackers on their networks, but nothing lets them know if an attacker has compromised a single mailbox and is snooping around. Canarytokens are great at becoming high fidelity tripwires in places that other tools can’t easily go. You can quickly head over to https://canarytokens.org to create a token, and then place it in Bob’s mailbox, but how does this work for an entire office? Will it work for an entire org? Easy! The Office 365 Mail token can drop a pre-written, tokened email into multiple mailboxes at once. We insert the emails into mailboxes automatic

USENIX Security Symposium 2019

Image
Thinkst in Santa Clara Last week Haroon and I found ourselves at the 28th USENIX Security Symposium  in balmy Santa Clara. We made the trip from Vegas for Haroon's invited talk at the main event, and I took the opportunity to present at one of the side workshops ( HotSec ). This is a short recap of our USENEX experience. Neither Haroon nor I have attended USENIX events previously, despite over 20 Black Hat USAs between the two of us. What's worse, we both used to read ;login: regularly, and the research coming out of USENIX Security is typically thorough. When this opportunity presented itself, we couldn't turn it down. Drawing comparisons between USENIX and Black Hat/DEF CON is a bit unfair as they have different goals entirely, but given the consecutive weeks they run on, I think it's ok. Compared to Black Hat/DEF CON, obvious differences are the smaller scale (there were fewer speaking rooms and smaller audiences), primarily academic focus, and no sid