MITRE Caldera: Automating Adversary Emulation This is a guest blog post written by Roger. What? Caldera is a cybersecurity framework developed by MITRE to assist security professionals in automating adversary emulation, thereby reducing the time, cost, and effort associated with manual security assessments. Built upon ...

For everyone in the room who is somewhat of an IT administrator to one or more Azure (including Office365) tenants, please raise your hand if you’ve been bestowed with the gift (or curse) of permanent administrative permissions. Cue nervous laughter. Sounds a bit risky, right? Imagine the chaos if that account ev...

If you also think FIDO2 and Passkeys rhyme with PITA, try this neat little detection trick to start alerting on Office365 account compromise on Azure right now. Detecting Office365 Attacker-in-the-Middle attempts in Azure Attacker-in-the-Middle (previously called Man-in-the-Middle) attacks are on the rise unlike ever b...

Phishing still is a very popular attack vector while MFA is supposedly the cure. Let’s prove that it isn’t. This might or might not have been inspired by a recent car sharing company incident. This is a guest blog post written by Arne. Introduction Phishing is categorized as social engineering and is used t...

In light of the WhatsApp privacy controversy, I was tempted to dive deep into the clustered web that is privacy and security for instant messaging apps. Let me guide you through the mess that is secure instant messaging. Message away! As always, skip to the Ending Remarks if you don’t have time to read it all. In...

Questions raised since the last blog post and the recent release of macOS Big Sur and the M1 chip require some clarification. Preface My previous blog post around the T2 vulnerabilities on Apple hardware caused a wave of news articles describing the issue, ranging from terrible copied to actually being written in a bet...

Let’s talk about that thing nobody’s talking about. Let’s talk about a vulnerability that’s exposing 2018-2020 Macs while most are declining to act nor report about the matter. Oh, and did I mention it’s unpatchable? Buckle up buckaroo, we’re in for a wild ride. Skip to #security-iss...

A recent network issue with my ISP connection triggered me to delve into what my ISP could know about me, and what everyone can do about that. Let’s dive into the paranoia! A note: this is mainly a brain dump and might contain some unproven claims… so as always on the internet: YMMV. Preface My Problem For...