University of Twente Student Theses

Login

Safe Links or Safe Leaks? : A Deep Dive into Information Exposure via Microsoft Safe Links on Public Sources

Resing, Max (2024) Safe Links or Safe Leaks? : A Deep Dive into Information Exposure via Microsoft Safe Links on Public Sources.

[img] PDF
1MB
Abstract:Microsoft rolled out a new security product called Safe Links in late 2014. The product leverages Microsoft’s extensive threat intelligence to provide users with an automated and enhanced protection mechanism against phishing and malware distribution sites. Since the product primarily aims to protect customers of Microsoft products, it suggests that a Safe Link is constrained to a controlled environment where the data present in a link is already known to the user. However, the design of Safe Links makes the product prone to information exposure if it escapes this controlled environment and propagates to the public domain. We present a first-of-its-kind study on Safe Links that escaped to the public domain. This work examines the various types of information encapsulated within a Safe Link and demonstrates how their exposure to the public domain compromises this sensitive data. Our findings reveal this issue dates back nearly a decade and impacts over 1,200 organizations globally. By combining the Safe Link encapsulated data with contextual information from their public sources, we substantially enhanced the scope of insights gained. To list examples, we concretely managed to associate corporate and private mail addresses and present how Safe Links enable Personally Identifiable Information (PII) exposure in governmental documents, potentially violating legal regulations.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:https://purl.utwente.nl/essays/104619
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page