Azure Front Door AiTM Phishing
Oleksandr

We take a technical deep dive into a sophisticated set of Adversary-in-the-Middle (AiTM) infrastructure utilising Azure Front Door, custom crypto, and various redirects off legitimate services, as well as clever usage of hash values to better evade detection and ensure only the intended targets are able to access the phishing infrastructure.

Where Conditional Access Risk Policies Fail…
John Fitzpatrick

Certain Microsoft-recommended Conditional Access policy templates are allowing AiTM attacks to fly under the radar on the false assumption that MFA is not phishable. We look at the flaws in this specific template and how you can alter it so that it doesn’t present a risk.

AiTM Non-Incident Report
John Fitzpatrick

We delve into the investigation of a foiled AiTM attack involving Cloudflare workers.dev infrastructure and highlight the re-use of multiple domains across different campaigns. This particular attack was prevented from succeeding by well-constructed Conditional Access policies.
