ITBlogs.ca

Real-world Microsoft 365, Entra ID, and security lessons from production environments — not theory.

Tuning Evilginx for Entra ID: A Technical Deep Dive into Lab EID-EXP-017

By Jaspreet Singh, Identity Security Researcher at f11.ca Traditional Multi-Factor Authentication (MFA) is increasingly ineffective. In Lab EID-EXP-017 , we advanced beyond basic phishing to demonstra...

25-Apr-2026

How OAuth Consent Phishing Works in Microsoft Entra ID (No Password, No MFA Bypass)

Introduction Most organizations use Multi-Factor Authentication (MFA), which requires users to provide multiple forms of identification, as a primary defense against account compromise. (Inc., 2023) H...

15-Apr-2026

EID-EXP-015: MFA Is Not Enough: A Technical Deep Dive into Session Persistence in Microsoft Entra ID

MFA Is Not Enough: A Technical Deep Dive into Session Persistence in Microsoft Entra ID Based on Lab: EID-EXP-015 (f11.ca) Multi-Factor Authentication (MFA) is widely adopted as a core identity securi...

08-Apr-2026

EID-EXP-013: Impossible Travel Detection vs VPN Behavior — Deep Dive for Security Engineers

EID-EXP-013: Impossible Travel Detection vs VPN Behavior — Deep Dive for Security Engineers Introduction Impossible travel detection is a widely used identity protection signal in modern cloud environ...

03-Apr-2026

MFA Fatigue Attacks in Microsoft Entra ID: A Technical Deep Dive (EID-EXP-014)

MFA Fatigue Attacks in Microsoft Entra ID: A Technical Deep Dive Introduction Multi-Factor Authentication (MFA) is a foundational control in modern identity security. However, its effectiveness depend...

01-Apr-2026

Conditional Access and Named Locations in Microsoft Entra ID – A Technical Deep Dive Lab (EID-EXP-010)

Introduction Microsoft Entra ID Conditional Access serves as the primary enforcement layer for identity security in modern cloud environments. A common configuration pattern across organisations inclu...

28-Mar-2026

Hybrid Identity Security Baseline – Deep Dive into Azure AD Connect and Entra ID Authentication (EID-EXP-009)

Hybrid Identity Security Baseline – Deep Dive into Azure AD Connect and Entra ID Authentication (EID-EXP-009) Hybrid identity is widely adopted in Microsoft 365 environments. Organizations maintain on...

18-Mar-2026

MFA Fatigue Attacks in Microsoft 365: Why Risk-Based Conditional Access Is Non-Negotiable (EID-EXP-008)

MFA Fatigue Attacks in Microsoft 365: Why Risk-Based Conditional Access Is Non-Negotiable Multi-Factor Authentication (MFA) is widely deployed across Microsoft 365 tenants. However, MFA fatigue attack...

04-Mar-2026

Block High-Risk Sign-ins in Microsoft Entra: Why “Detection” Isn’t Security (EID-EXP-007)

NOTE : This analysis is based on real tenant observations and controlled experiments documented on f11.ca (Experiment ID: EID-EXP-007 ). Most Microsoft Entra tenants detect risky sign-ins. However, it...

23-Feb-2026

Microsoft Entra Identity Protection: Configuring Alerts & Notifications for Risky Users and Risky Sign-ins (EID-EXP-006)

NOTE : This analysis is based on real tenant observations and controlled experiments documented on f11.ca (Experiment ID: EID-EXP-006 ). Hands-on lab (f11) Microsoft Entra Identity Protection is widel...

16-Feb-2026

Enforcing Risk Remediation in Microsoft Entra ID: Making Identity Protection Actually Stop Attacks (EID-EXP-005)

Microsoft Entra Identity Protection is a valuable security feature in Microsoft 365, yet it is often misunderstood. Many organizations assume: “If Identity Protection detects a risky sign-in, it will ...

12-Feb-2026

Identity Protection Alerts Often Overlooked: Why Detection Alone Does Not Prevent Compromise in Microsoft Entra ID

Identity Protection Alerts Often Overlooked: Why Detection Alone Does Not Prevent Compromise in Microsoft Entra ID Many view Microsoft Entra ID Identity Protection as a security feature designed to bl...

07-Feb-2026

1
2
3
4