Apr 17 · 3 min read · Companies will spend $50,000 a year on a premium Identity Provider (IdP) tier, roll out an authenticator app to the entire org, and proudly declare themselves "unhackable" at the next board meeting. Then Kevin in Sales gets his password scraped by a...
Join discussionApr 13 · 3 min read · Working with clients who don’t have dedicated IT teams is one of the most challenging yet rewarding experiences in cybersecurity consulting. Without internal experts, every problem — from configuratio
Join discussion
Mar 23 · 17 min read · Audience: IT Pros Platform: Microsoft 365 Series: MFA & Conditional Access Part: 2 of 7 In Part 1 of this series, we looked at how AiTM phishing defeats MFA by stealing session cookies — and I menti
Join discussion
Mar 22 · 6 min read · In early March 2026, two events put MFA bypass back in the spotlight. Europol dismantled Tycoon 2FA — the world's largest phishing-as-a-service platform — while a new suite called Starkiller demonstrated that AitM phishing has evolved from a sophisti...
Join discussionMar 20 · 10 min read · You're an attorney. You went to law school to argue cases and advise clients, not to become a cybersecurity expert. But here's the reality: the ABA says you have an ethical obligation to understand th
Join discussion
Mar 9 · 17 min read · Audience: IT Pros & End Users Platform: Microsoft 365 Threat Class: Adversary-in-the-Middle (AiTM) Phishing Series: MFA & Conditional Access Part: 1 of 7 Telling your users to enable Multi-Factor Au
Join discussion
Mar 9 · 7 min read · Overview Amid increasingly sophisticated cyberattacks, a new phishing campaign has emerged, highlighting a notable shift in methods used to steal user accounts. Instead of exploiting traditional softw
Join discussion
