Collection: Latest insights and cybersecurity resources

Threat Hunting - Clear Text Credentials in the URL

Threat Hunting - Clear Text Credentials in the URL


Marius Maciuitis
Continue
clear text
Token Theft Part 2 - Defensive

Token Theft Part 2 - Defensive


Marius Maciuitis

Defenders should focus on those users who trigger multiple alerts rapidly. For example, a risky sign-in followed closely by indicators of persistence techniques, such as mailbox rule creation.

Two detection sources are very helpful in detecting and alerting of token theft attacks, for example: Azure Active Directory Identity Protection and Microsoft Defender for Cloud Apps

Continue
Azure
Token Theft Part 1 - Offensive

Token Theft Part 1 - Offensive


Marius Maciuitis
An increasing number of cyber-attacks employ techniques to bypass multi-factor authentication (MFA) which allows criminals the ability to access corporate networks with limited ability by security teams to detect these threats.
Continue
AiTM