Microsoft 365

Christian Philipov
3 Sep 2025

Staying Sneaky in the Office (365)

SharePoint APIs provide a default functionality which can be used to download files outside of trusted devices and IP addresses. Thus, bypassing assumptions regarding where sensitive documents can be accessed from and providing an avenue for an attacker to exfiltrate information