Information on how to create a conditional access policy in Microsoft Entra ID that blocks access from a list of IP’s - in this case a list of Tor IPs

This post is a summary of 6 months tracking AiTM campaigns using a rather clever technique we have devised that allows us to identify the backend infrastructure before it is used.