Tech, tools, thoughts from the team at Lab539
Lab539::Blog
2024’s AiTM Activity In Numbers
We delve into the Adversary in the Middle (AiTM) data that we have collected over the course of 2024 and pull out some stats to better understand the nature of the threat.
Using Conditional Access Policies to Block Tor Exit Nodes in Entra ID
Information on how to create a conditional access policy in Microsoft Entra ID that blocks access from a list of IPs, in this case a list of Tor IPs.
A Summary of 6 Months Tracking AiTM Campaigns
This post is a summary of 6 months tracking AiTM campaigns using a rather clever technique we have devised that allows us to identify the backend infrastructure before it is used.