Hero image generated by ChatGPT This is a personal blog. All opinions are my own - not my employer’s. Earlier this year, I published OuttaTune – a deep dive into how Conditional Access (CA) depends on device-sourced metadata and the risks of trusting values that endpoints themselves can …

Hero image generated by ChatGPT This is a personal blog. All opinions are my own - not my employer’s. Introduction This is a follow-up to my original post detailing a security flaw in Microsoft Intune’s Conditional Access (CA) filtering that allows local admin attackers to bypass CA policies by …

This is a personal blog and all content herein is my personal opinion and not that of my employer. Introduction After I shared the last post on Security Amnesia, a friend replied with a story that hit home: “When I was younger, me and my sister typed up CAA exam papers for commercial pilots …

This is a personal blog and all content herein is my personal opinion and not that of my employer. Introduction We spend millions securing systems and training people – and yet we still fall for the same attacks. Phishing, reusing passwords, skipping MFA. Why? This post isn’t about flaws in …

Hero Image generated by ChatGPT This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction This post details a security weakness in Microsoft Intune’s Conditional Access (CA) filtering, which allows attackers with local admin privileges to …

Hero Image generated by ChatGPT This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction In this post, I’m going to talk about an issue I spotted recently within Microsoft Azure. In my last post I talked about the VaultRecon issue that I …