[email protected] 
Recently, we encountered two distinct variants of a payload delivered through Google Drive, both containing a malicious shortcut. While these threats were successfully mitigated, it’s crucial to understand their mechanisms and implement protective measures. In this blog, we’ll dissect these threats and explore strategies for defending against them. Threat Analysis The malicious shortcuts in the … Read more
Managing a SharePoint environment can be a complex task, especially when it comes to ensuring that your storage is being used efficiently. Duplicate files across various sites and document libraries can quickly consume valuable space, slow down search results, and create confusion among users. Fortunately, with the power of PowerShell and the PnP (Patterns and … Read more
Session hijacking occurs when an attacker steals a valid session token—essentially, the key to a user’s active login session. In the case of Microsoft Teams, once a user logs in, their session token remains active and allows them to continue their work without repeatedly entering their password. While convenient, this token persistence also introduces a … Read more
IT-Boost’s TOTP secrets were exposed due to browser-based OTP calculations, allowing extraction and potential security risks. ConnectWise released a fix using a secure TOTP API. Users should cycle secrets to prevent breaches. Read more in this blog about the vulnerability, risks, and best practices for secure TOTP implementation.
Schedule a call to talk to one of our Solution Consultants, who can help guide you on your journey to choosing the right IT solution or managed service for your business.
