I do SOC and infrastructure at day and CTF's at night and just want to share with you, that I identified and stopped a cyberattack at my company today.
The attackers were able to take over an AAD account, and sent phishing mails from that account. 2 users got phished. One of them already got 3 unknown MFA devices registered.
I (hopefully) stopped the attackers together with a colleague from that subsidiary.
Forensics are still in progress.
[link] [comments]
from hacking: security in practice https://ift.tt/EU9Xc37
Comments
Post a Comment