Threat-Hunting
Lessons from the field. Always landing on my feet.
Microsoft Entra: 2 posts
Detecting Infostealer Session Hijacking with Microsoft Sentinel

Nearly 70% of incidents in the Americas now begin with stolen or misused accounts. Infostealers are the engine behind that number: families like Lumma, RedLine, and Vidar export browser cookies and session tokens directly from the victim's machine, …
Detecting OAuth Redirect Abuse with Microsoft Sentinel and Entra ID

On March 2, 2026, Microsoft published an advisory on OAuth redirection abuse enabling phishing and malware delivery. Microsoft described phishing-led campaigns where attackers register OAuth apps with attacker-controlled redirect URIs, then send …