Had an incredible time at the recent Belgian Microsoft Cloud & Security Community Event, and I’m thrilled to share highlights from the event in my latest video! 🌐 Organizer Spotlight: Michael Van Horenbeeck Michael provided invaluable insights into what makes the community thrive and the incredible impact it has on fostering collaboration in the Microsoft […]
Join us in this eye-opening video as we delve into the world of cybersecurity and take on a real-life Adversary-in-the-Middle (AITM) attack. We’ll explain what an AITM attack is and, in a daring move, intentionally subject ourselves to a phishing attempt to gain insights into how we can better safeguard our online security. In this […]
🔒 Unveiling My Journey: From Finding XSS Vulnerability to Earning Bounties at Microsoft 🔒 In December 2022, I stumbled upon an XSS (Cross-Site Scripting) vulnerability on security.microsoft.com, and today, I’m thrilled to share my incredible journey with you! After many months of anticipation, I can finally disclose the details of how I discovered and successfully […]
Session about “The power of Microsoft Defender for Endpoint: Mastering its Hidden Gems”
On 25 May, my colleague Thijs Lecomte & and I were guest at Come get IT. Sander Bruijs & Martijn Verheij, hosts of the podcast, invited us after hearing our talk about Incident Response using Microsoft Technology. You can listen to podcast via this link with timestamp 43:48CGIT Extra – Experts Live! 2023 – Come […]
A massive phishing campaign is targeting vlaanderen.be, impersonating their domain. It is common for phishing campaigns to impersonate government domains. However, during my investigation, I observed that the attackers were sending phishing emails from an IP address that was listed in the SPF record of vlaanderen.be. This video showcases the steps taken during the investigation […]
Whether you are a beginner or an experienced practitioner in the field of ASR, this video is sure to provide you with valuable knowledge and insights. So sit back, relax, and enjoy this video about Attack Surface Reduction rules Links ASR references: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide Palantir’s blog: https://blog.palantir.com/microsoft-defender-attack-surface-reduction-recommendations-a5c7d41c3cf8 LSASS Twitter question: https://twitter.com/LouisMastelinck/status/1643652827493937152 Chapters –Chapters–0:00 intro 1:18 1. […]
Email privacy is a very sensitive subject. Permissions to inboxes are heavily managed and it’s a very bad idea to give yourself as an IT Admin permissions to a mailbox of an end-user. There are multiple options to get access to the content of a mailbox, but some are more stealthy than others. In this […]
In this video, we go over the strengths of a FIDO 2 and how we can use “authentication context” in a conditional access policy to require FIDO2 as an MFA method. If you want to secure your precious accounts with an extra security layer, this video might spark your interest. We are configuring that an […]