CyberDom Blog

Entra ID User App Config Abuse

When you hunt for vulnerabilities long enough, you keep tripping over abuses hiding in plain sight. Some have been quietly farmed for years while others spill out of fresh features and rushed integrations. This piece lives in that messy middle, … Read the rest

Weaponizing Exchange Online Inbox Rules

Exchange Online’s split architecture creates blind spots that BEC operators have been quietly exploiting. This post walks through four distinct techniques for creating inbox rules that evade standard detection surfaces, then examines the evasion combinations that leave most SIEM stacks … Read the rest

Harvest Now Decrypt Later

Harvest Now, Decrypt Later, or Decrypt Later, Damage Forever… Attackers are already collecting data.

If you work in security long enough, you eventually realize that most “future threats” are simply today’s threats with better marketing. Quantum computing is a perfect … Read the rest

Securing AI at the Gate

A Deep-Dive into Microsoft Foundry Guardrails, Adversarial Prompt Attacks, and Runtime LLM Defense. Part 1.

Embedding LLMs into production workloads without a runtime defense layer is the same architectural mistake as deploying internet-facing applications without a WAF. The attack surface … Read the rest