Joosua Santasalo-Cloud Security MVP - MSRC MVR (@santasalojoosua) 's Twitter Profile
Joosua Santasalo-Cloud Security MVP - MSRC MVR

@santasalojoosua

DadOf2, Security researcher @Secureworks, Azure MVP, MSRC Top100 MVR23, Node.js Certified (JSNSD), Azure Security enthusiast, blogs @ (securecloud.blog)

ID: 989813731973586949

Link: https://securecloud.blog Date: 27-04-2018 10:29:18

3,3K Tweets

2,2K Followers

736 Following

Nicola Suter (@nicolonsky) 's Twitter Profile Photo

Is it possible to conduct AiTM phishing attacks with Azure Functions to phish Entra ID sign-in cookies? Spoiler: Yes it is. And we can bypass injected canary tokens and automate the replay 😶‍🌫️ nicolasuter.medium.com/aitm-phishing-… Kudos to Wesley Jan Bakker Fabian Bader Joosua Santasalo

Joosua Santasalo-Cloud Security MVP - MSRC MVR (@santasalojoosua) 's Twitter Profile Photo

My former colleague Dr. Nestori Syynimaa knows this scenario pretty well :) This attack scenario is "old but gold" ( Golden SAML 🙂) Just to confirm you should not see Incoming token type of SAML 2.0 for non-federated users...

Sami Lamppu (@samilamppu) 's Twitter Profile Photo

The new chapter of the #MicrosoftEntraID Attack & Defense Playbook has seen daylight: adversary-in-the-middle attacks. The chapter will provide comprehensive attack descriptions, detections, mitigations & hunting queries. Link to the playbook: bit.ly/3ZnWgNY

Thomas Naunheim (@thomas_live) 's Twitter Profile Photo

New chapter of #MicrosoftEntra Attack & Defense ☁️🔐 playbook: Sami Lamppu and I have worked on #AiTM attack scenarios, detection and mitigation capabilities. This includes #KQL queries for advanced hunting in #MicrosoftDefender and #MicrosoftSentinel. github.com/Cloud-Architek…

Matt Zorich (@reprise_99) 's Twitter Profile Photo

Thanks to our friends at Microsoft Press we now have a sample chapter available for free from our KQL book - if you want to get a feel for the content. We also have a discount code KUSTO for you, which gets you 30% off your purchase. aka.ms/kQLMSPress/Sto…

Peter Kraft (@petereliaskraft) 's Twitter Profile Photo

What happens if your CPU gets something wrong? If it wakes up one day and decides 2+2=5? Well, most of us will never have to worry about that. But if you work at a company the size of Google, you do, which is why this paper on "mercurial cores" is so fascinating. What the

Joosua Santasalo-Cloud Security MVP - MSRC MVR (@santasalojoosua) 's Twitter Profile Photo

Got this cool badge from MSRC: Microsoft Most Valuable Security Researcher (MVR) for 2024! Thanks again to Security Response for recognizing security researchers! credly.com/badges/15217f8…

Matt Zorich (@reprise_99) 's Twitter Profile Photo

I thought this Cyber Security Awareness Month, instead of telling you to enable MFA, I would try to make you aware of some quality individuals to follow who you may not be aware of doing great work and trying to help everyone stay secure

Security Response (@msftsecresponse) 's Twitter Profile Photo

Discover a vulnerability or threat? Submit it via the MSRC Researcher Portal: msrc.microsoft.com/report. MSRC accepts a variety of submission types, including software & service vulnerabilities, URL-related threats, IP address threats, OAuth applications, and Azure Community

J.Metso (@jussimetso) 's Twitter Profile Photo

Have you heard of the Finnish-language Microsoft security user group? Together with a Security MVP, we founded a group that produces security awareness in Finnish. Join our Meetup group: Microsoft Security User Group Finland meetup.com/microsoft-secu…

Microsoft Threat Intelligence (@msftsecintel) 's Twitter Profile Photo

Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. msft.it/6011W3CGX

Thomas Naunheim (@thomas_live) 's Twitter Profile Photo

Celebrating 4 years of the "#MicrosoftEntra Attack & Defense Playbook" community project! Last week, Sami Lamppu and I took the opportunity to record a video about the journey of this project, from research to writing process. #MVPBuzz youtube.com/watch?v=fBD1ft…

Secureworks (@secureworks) 's Twitter Profile Photo

“A lot of the basic hygiene that organizations need to be doing is not expensive cutting-edge #cybersecurity work. It's the basics…” ~ Rafe Pilling See what else Pilling shared while discussing how conflict with #China might play out in the cyber realm: lite.spr.ly/6004DAQu

Joosua Santasalo-Cloud Security MVP - MSRC MVR (@santasalojoosua) 's Twitter Profile Photo

I was blessed to conduct some fantastic research at Secureworks for 2024, in partnership with the amazing folks Security Response, who kindly provided this awesome swag for MVR's 2024. The Stanley Quencher & the rest of the swag no doubt increase RIZZ & aura by at least 10X, no cap🎇

Microsoft Threat Intelligence (@msftsecintel) 's Twitter Profile Photo

In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending spear-phishing messages, now offering targets a chance to join a WhatsApp group. msft.it/6011U8e6U