Unternehmens News
baseVISION TI – Hijacking Microsoft company accounts via TikTok open redirection abuse is still a thing
In our latest TI report, baseVISION uncovers a phishing campaign that abuses TikTok’s open redirect feature to hijack Microsoft credentials. The attackers use multi-stage redirect chains, IP-based cloaking, and Adversary-in-the-Middle (AiTM) phishing pages to bypass MFA and steal session tokens. We break down the full attack chain, indicators of compromise,
Microsoft hat uns mit der Advanced Specialization für Information Protection and Governance ausgezeichnet.
baseVISION erreicht neuen Meilenstein im Bereich Microsoft Security Diese Spezialisierung bestätigt nicht nur unser fundiertes Fachwissen, sondern auch unsere nachgewiesene Projekterfahrung mit Microsoft Purview und verwandten Lösungen. Für uns ist das ein weiterer wichtiger Meilenstein – denn mit dieser Spezialisierung halten wir nun alle vier verfügbaren Microsoft Security Spezialisierungen. Was
baseVISION TI – Click, Paste and Compromise: When User’s Trust Becomes Your Greatest Vulnerability
In a world where cyber threats evolve faster than ever, one thing remains constant: attackers are still betting on human error. Our latest report, “Click, Paste and Compromise: When User Trust Becomes Your Greatest Vulnerability,” dives deep into the rise of ClickFix—a social engineering technique that tricks users into executing malicious commands through
baseVISION has been named a Microsoft Entra Suite Integration Partner!
For the past three years, baseVISION has successfully delivered engagements and solutions using the capabilities of the Microsoft Entra Suite. Since 2022 we were expanding our consulting and engineering services with Microsoft’s growing product portfolio and gained important hands-on knowledge in the areas of identity governance and administration (IGA), Security
baseVISION TI – Patch, Exploit, Repeat: A Never-Ending Cycle for Windows Common Log File System Driver Vulnerabilities
Since 2024, multiple zero-day vulnerabilities in the Windows Common Log File System (CLFS) driver have been exploited by ransomware groups like RansomEXX and Play (Balloonfly). These Elevation of Privilege (EoP) flaws enabled SYSTEM-level access and were used in real-world attacks before patches were released. Microsoft issued fixes across several Patch
Willkommen Keith
Wir freuen uns, Keith Potter im baseVISION-Team willkommen zu heissen!Als Senior Security Consultant bringt er umfassende Expertise und neue Impulse in unsere Sicherheitsservices ein. Wir freuen uns auf die Zusammenarbeit – herzlich willkommen, Keith! Auf Stellensuche? Wir sind immer auf der Suche nach neuen, motivierten Mitarbeitenden, die unser Team ergänzen