applied security research
AUTHOR
Rik van Duijn
Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber Cyber
Follow me
#CES2021
Azure App Consent Policies
Rik van Duijn - 11 nov 2020
OAuth consent phishing has been on the rise for a while now. Unsurprisingly, Microsoft has gradually introduced measures to protect from this type of attack. Latest: Risk-Based Step-Up Consent. Lees verderHoneytokens using Azure Keyvaults
Rik van Duijn - 15 okt 2020
In 2017 Wesley and I gave a presentation at SHA2017 about honey/pot/tokens. We actually planned on building a fully fledged platform. But never came further then the POC phase of that project. This week we got a product demo from the guys at Thinkst, i’ve always loved this way of thinking: let the attacker come […] Lees verderDetecting BEC fraud using Azure Sentinel
Rik van Duijn - 17 jun 2020
Business Email Compromise (BEC) Fraud inflicts the most damage of all types of cybercrime, according to the FBI. How to detect such attacks using Azure Sentinel? Rik shares some actual possibilities. Lees verderPhishing aftercare
Rik van Duijn - 26 mei 2020
This blog is part of our Office 365 attack & defense series. We also maintain a Github page where we share our Office 365 tools and queries. We often get sent phishing emails by family and friends. Not to phish us but because we ask family and friends to forward them to us. Sometimes they […] Lees verderOffice 365 – Exchange rules
Rik van Duijn - 13 mei 2020
This blog is part of our Office 365 attack & defense series. We also maintain a Github page where we share our Office 365 tools and queries. Exchange rules can be useful in managing the emails we receive on a daily basis. For example, it allows users to automatically respond or move specific emails to […] Lees verderApplied Security Research; more than just a pay-off
Rik van Duijn - 28 apr 2020
Rik beschrijft wat Applied Security Research voor hem betekent. En hoe we als Zolder die pay-off in praktijk willen brengen. Lees verderWindows terminal profile fun
Rik van Duijn - 24 apr 2020
Rik plays around with the preview version of Windows Terminal to find manipulation options. Lees verder#1 – Hello World!
Rik van Duijn - 14 apr 2020
Zolder is live! Vanaf nu zullen wij ongeveer eens per maand een nieuwe zoldersession plaatsen. Per keer kiezen we een bepaald thema en gaan we in op cybersecurity actualiteiten. Deze eerste sessie is een kennismaking: wie zijn de mensen achter Zolder? Hoe ervaren zij de wereld om zich heen? Waarom zijn ze een bedrijf gestart en hoe beelden zij de toekomst in? Lekker onwennig nog want de eerste keer, maar dus ook eerlijk en puur! Lees verderBlogs