This phishing method took advantage of a vulnerability in Office 365 to bypass all of Microsoft's security. All Office 365 users were vulnerable, with or without ATP.
As of January 9th, this vulnerability has been fixed.
Demonstration of Z-WASP Vulnerability
Reviewed by Anonymous
on
January 10, 2019
Rating: 5