Collection: Latest insights and cybersecurity resources

Atlassian has a new critical CONFLUENCE vulnerability

Atlassian has a new critical CONFLUENCE vulnerability


William Heckadon
Continue
Defender for Office 365: Anti-phishing Policies

Defender for Office 365: Anti-phishing Policies


Marius Maciuitis

Phishing is one of the biggest challenges that organizations are facing today. This calls for every available and useful control to be implemented to minimize the phishing attack surface, and Microsoft Defender for Office 365 anti-phishing policies provide just that.

Continue
Threat Hunting - Clear Text Credentials in the URL

Threat Hunting - Clear Text Credentials in the URL


Marius Maciuitis
Continue
clear text
Token Theft Part 2 - Defensive

Token Theft Part 2 - Defensive


Marius Maciuitis

Defenders should focus on those users who trigger multiple alerts rapidly. For example, a risky sign-in followed closely by indicators of persistence techniques, such as mailbox rule creation.

Two detection sources are very helpful in detecting and alerting of token theft attacks, for example: Azure Active Directory Identity Protection and Microsoft Defender for Cloud Apps

Continue
Azure
Token Theft Part 1 - Offensive

Token Theft Part 1 - Offensive


Marius Maciuitis
An increasing number of cyber-attacks employ techniques to bypass multi-factor authentication (MFA) which allows criminals the ability to access corporate networks with limited ability by security teams to detect these threats.
Continue
AiTM
Importance of IOC Detection Rules

Importance of IOC Detection Rules


Marius Maciuitis
Continue