@_CPResearch_ 🔐 Critical mitigations:
1. MFA + conditional access for Teams
2. Monitor audit logs for message tampering
3. Update IR for Teams-based engineering
4. Evidence: Cache headers before sanitization
1. MFA + conditional access for Teams
2. Monitor audit logs for message tampering
3. Update IR for Teams-based engineering
4. Evidence: Cache headers before sanitization
Parallels APT29 TTPs. Excellent research. #OSINT
