Why You Should Only Use Intune Compliant Devices in Your Organization

In today’s threat landscape, cybercriminals are getting smarter, and phishing attacks are more sophisticated than ever. Attackers use tools like Evilginx to bypass traditional security measures by stealing session tokens, or they simply export cookies from browsers on a compromised device. Either way, they can impersonate users without ever needing their passwords or MFA codes. Possibly …

SOAR: Block Log Analytics IP Entities on Azure Frontdoor / WAF #3

How it works: Previously, I’ve blogged about two variants that we used at Prof-IT Services to block malicious IP addresses on Azure Frontdoor that exceeded a certain threshold. We’ve now created a simpler version that uses only a C# function app, a managed identity, and a Log Analytics workspace. Blocking abusive IP addresses that …

Malware Analysis – Shortcuts in zip file

Recently, we encountered two distinct variants of a payload delivered through Google Drive, both containing a malicious shortcut. While these threats were successfully mitigated, it’s crucial to understand their mechanisms and implement protective measures. In this blog, we’ll dissect these threats and explore strategies for defending against them. Threat Analysis: The malicious shortcuts in the …