Microsoft 365 AiTM Defense
AiTM phishing, what actually happens, and what breaks each step
The attack in plain English, mapped to ATT&CK, and which defensive control kills which step. Read this before …
Microsoft 365 Device Code Defense
Device code phishing against Microsoft 365, how the attack inverts a legitimate OAuth flow
The victim authenticates to the real Microsoft sign-in page. MFA satisfies normally. FIDO2 does not stop it. The …