Detect and shut down token attacks as they happen. Check out token protection enforcement in Microsoft Entra. youtu.be/gPcNlm0CyOw #TokenProtection

AIShell from Microsoft is one to keep an eye on. Already supports Ollama, but only if you build the code yourself as it's still in early preview. github.com/PowerShell/AIS…

Testing AIShell with Ollama and deepseek-coder:6.7b Mega slow on my crappy work laptop, but it'll be cool when more agents are developed and supported.

Don’t sleep on Protected Users group.... 1) it’s free 2) it disables NTLM and WDigest 3) it blocks delegation and can mitigate pass the ticket 4) four-hour max TGTs lifetime p.s. I know a guy that made a super cool tool to help with this... github.com/jakehildreth/P…

Stop shitting on vibe coding. Vibe coating is hacking. In the original sense. The old hackers were not building perfectly engineered systems from the start like corporate engineers. Hacking is about passion and enthusiasm and exploring curiosity. It’s about making things

Your #MDT shares might be spilling secrets like a drunk uncle at a wedding. 🍷💬 In my latest post for TrustedSec, I dig into how Red Teamers can extract creds from MDT shares — and why your MDT deployment server might need a security makeover. Read all about it here:

Ding dong, the 2010s called – they want their TTPs back. Amazing how you can still completely own companies using decade-old techniques: - PSExec for RDP prep - Mimikatz dumped in C:\PerfLogs - LOLbin-fueled network recon - A scheduled task beaconing to some shady IP It still

Gnarly vulnerability, one to keep an eye on. Great research!

It's here! Modern auth for Entra Connect Sync is now available 🚀 This finally moves from user/pass to auth with Entra to using a Service Principle with a certificate. Another benefit is misconfigs in CA policies will no longer break syncing :) Docs: learn.microsoft.com/en-us/entra/id…

it's crazy that the secret to prompting AI better than 99.999% of people is just asking AI how to prompt AI

🤓 I have built an MCP for YARA rule creation and it works pretty great! With DocYara MCP, you can: – Generate YARA rules – Validate and optimize them – Deploy your rule directly to VirusTotal Livehunt I did a full walkthrough on YouTube in the second tweet 👇

Unlock ALL Microsoft Docs in #GitHub Copilot with the new MS DOCS MCP SERVER! It’s been crazy helpful while testing it over the last week. Probably the most useful MCP server to date. github.com/MicrosoftDocs/…

Blogged: How to connect the Microsoft Docs MCP server to Claude Code for real-time access to official Microsoft documentation. dstreefkerk.github.io/2025-06-connec…

Blogged: How I built an MCP server to bridge Microsoft Sentinel with Large Language Models. dstreefkerk.github.io/2025-06-micros…

🚨 Ongoing phishing campaign abuses Microsoft 365’s “Direct Send” to spoof internal users—no auth needed. Attackers send legit-looking emails via smart hosts, bypassing SPF/DKIM/DMARC. Over 70 orgs targeted since May 2025. bleepingcomputer.com/news/security/… detections.ai/rules/cafefc8c…

Yay, I guess? Unfortunately for attackers and security assessors alike, in mid-June 2025 Microsoft disabled the ability for an unauthenticated user to retrieve all of the domains linked to a particular M365 tenant via 'GetFederationInformation'. techcommunity.microsoft.com/blog/exchange/…

Tired of Claude Code creating inconsistently formatted Python files? I've set up hooks to automatically run Black formatting after every file modification. New blog post covers the setup + broader automation possibilities: dstreefkerk.github.io/2025-07-making…

'Vacations.' The word is 'vacations.'

The Hard Truths of SOC Modernization googlecloudcommunity.com/gc/Community-B…

What Is “mx.microsoft”? c7solutions.com/2024/02/what-i…