ConsentFix: A New way to Phish for Tokens
A look at a new phishing campaign, ConsentFix which utilises click-fix style techniques to steal auth tokens.
On the Hunt
Deep dive into malware analysis, threat hunting, blue team defense strategies, and red team techniques
Recent Posts
View allMicrosoft Entra Token Theft - Part One: Offline Access and Conditional Access
A walkthrough of different Token Theft Scenarios with Detections
Detecting Abuse of VSCode Remote Tunnels
Detecting abuse of VSCode Remote Tunnels for C2 and persistence by threat actors
Microsoft Dev Tunnels: Tunnelling C2 and More
How threat actors abuse Microsoft Dev Tunnels for C2 communication and detection strategies
SVCHost.exe and Internet Sharing Triage
Investigating suspicious svchost.exe behavior and Internet Connection Sharing during malware triage