Just a few short days away from fwd:cloudsec! -Michael Newar, Andrew Kraut and Jared Elder will be at the booth. -Nathan Eades is taking the stage at 10:30AM on Monday. Come check out his talk: fwdcloudsec.org/conference/nor… -After a long day of conferencing, come hang out with our

Check out Permiso P0 Labs’ latest research about AWS Managed Active Directory compliments of Bleon Proko! Turns out AD default settings inherited from on-prem AD can lead to a Resource-Based Constrained Delegation (RBCD) attack in its Cloud counterpart. permiso.io/blog/abusing-d…

We’re excited to have Andi Ahmeti, Threat Researcher at Permiso Security speaking at #BSidesTirana2025 on the 19th of September! #BSidesTirana #BSides #speakers

Attackers are finding new ways to hide in plain sight. That’s why Permiso built Inboxfuscation - a free, open-source obfuscation and detection framework to help security teams detect and stop Unicode-obfuscated Microsoft Exchange inbox rules. It includes modules for both

Big thanks to Catalin Cimpanu at Risky Business® Media for including #Inboxfuscation in the recent Risky Biz newsletter news.risky.biz/risky-bulletin…

Thanks to Duncan Riley and SiliconANGLE for covering our latest open-source tool, #Inboxfuscation siliconangle.com/2025/09/11/new…

Malicious Microsoft Exchange inbox rules could be hidden using a technique dubbed “Inboxfuscation,”Permiso Security researchers reported. #cybersecurity #infosec #ITsecurity bit.ly/465HDlG

Big thanks to Laura French and SC Media for covering #Inboxfuscation!

Two Permiso speakers on the international stage tomorrow: Andi Ahmeti will be presenting "Inbox Under Siege: Real-World BEC Attacks, Tactics & Lessons Learend" at BSides Tirana tomorrow at 3:40 local time. Daniel Bohannon will be presenting "SkyScalpel: Making & Breaking

🚨 Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evades Detection Read more: cybersecuritynews.com/inboxfuscation… Attackers increasingly exploit Microsoft Exchange inbox rules to maintain persistence and exfiltrate data within enterprise environments. Inboxfuscation

💡This tool on GitHub is only 2 weeks old, first seen on September 10th, 2025. Inboxfuscation: An advanced offensive & defensive framework for mailbox rule obfuscation & detection in Exchange environments. GitHub: github.com/Permiso-io-too… Release Blog: permiso.io/blog/inboxfusc…

Love seeing our work at @PermisoSecurity being shared with the community! I had the chance to develop Inboxfuscation an open-source tool to detect malicious inbox rules. Excited to see it getting out there!

Great write up from the Cyber Security News on our latest open-source tool, #Inboxfuscation, in their newsletter today. "A new open-source tool named Inboxfuscation can create malicious inbox rules in Microsoft Exchange that are difficult for security tools to detect. Developed by

⚡️AI adoption is outpacing security. Permiso delivers **complete visibility** into AI users, builders & agents with runtime intelligence that stops hidden threats. Blog post here: hubs.la/Q03LtT7Z0

Cloud logs all speak a different language. AWS ≠ GCP ≠ SaaS ≠ IdP. P0LR Espresso is an open source tool that normalizes logs across environments so defenders get fast, strong shots of context during live response. Read more: hubs.la/Q03M4GfF0

AI security makes more sense when you see it through identity. Ian Ahl explains why most “AI incidents” come down to stolen creds, OAuth abuse, and over-privileged accounts and how to fix it with Discover. Protect. Defend. Stream now: hubs.ly/Q03Nv3SK0