A massive phishing campaign is targeting vlaanderen.be, impersonating their domain. It is common for phishing campaigns to impersonate government domains. However, during my investigation, I observed that the attackers were sending phishing emails from an IP address that was listed in the SPF record of vlaanderen.be. This video showcases the steps taken during the investigation […]
Who changed my security baseline? Configuring your tenant with correct security policies that match the needs of your company or customer takes time and effort. But once everything is in place you can sleep on both ears… right? Unless other admins change the security baseline behind your back. This isn’t necessarily with bad intentions. Security […]
Microsoft will disable basic auth on October 2022. There is no reason to wait with moving to modern auntill until Microsoft forces you to do so. There are BIG SECURITY RISK with using legy auth protocols. In this video I will be explaining where you can identity these protocols, explain the authentication mechanic that attackers […]