Another day of Cybersecurity
We’re in 2026, and inbox persistence is still here, and it’s one of the core pillars of the Microsoft 365 attack playbook. Once an attacker lands in a mailbox, they don’t rush to chase noisy privilege escalation. They go for … Read the rest
Exchange Online’s split architecture creates blind spots that BEC operators have been quietly exploiting. This post walks through four distinct techniques for creating inbox rules that evade standard detection surfaces, then examines the evasion combinations that leave most SIEM stacks … Read the rest
