Blog
News, research and updates from the Attic team
DSD Europe expands security portfolio with Attic Security for Microsoft 365
Rosmalen, February 10, 2026 — DSD Europe expands its security portfolio with Attic Security, a Dutch cybersecurity solution purpose-built for MSPs.
Read more →
Attic Security and M365Permissions partner for better Microsoft 365 access management and security
Attic Security and M365Permissions are partnering up to give organisations full visibility into access permissions within Microsoft 365 and Azure environments.
Read more →How we recovered 21k after helpdesk fraud
Episode 4 of SCAM ALERT covered an IR case I worked back in 2021. Now that it is public, here is the full technical post-mortem of what actually happened — and how we got the money back.
Read more →
MSP Show brings MSPs from across the Benelux together
MSP Benelux is organising the MSP Show on September 16 at Jaarbeurs Utrecht. Managed Service Providers from across the Benelux will come together at this event.
Read more →
The financial impact of a cyberattack: a realistic look for SMBs
Discover the cost of cyberattacks for SMBs and learn how prevention protects your business against severe financial damage.
Read more →
RSAC 2025 - Saasified Crime: AiTM on the Rise
Video recording of talk by Rik van Duijn and Wesley Neelen titled Saasified Crime: AiTM on the Rise during RSA Conference 2025.
Read more →
Attic is Cybersecurity Made in Europe
Thanks to our finalist spot at the ECSO STARtup awards in The Hague, Attic Security now carries the Cybersecurity Made In Europe label.
Read more →
AiTM for WHFB persistence
Learn how we managed to circumvent \"phishing-resistant\" MFA based on Windows Hello for Business, during an internal capture-the-flag competition.
Read more →
Phishing for Refresh Tokens
Recently I did the \"Offensive Entra ID (Azure AD) and hybrid AD security\" training during which Dirk-jan did a demo where he used a modified EvilGinx phislet to
Read more →
DevOps access is closer than you assume
tldr: Azure DevOps can be accessed using multiple 1st party client ids, allowing anyone to pivot from a stolen session to access the repositories. When we speak
Read more →
FastHTTP bruteforce attack: more than 50% of organizations targeted
Yesterday we conducted research among users of the Sentinel add-on for Attic M365. We investigated the impact of a large-scale bruteforce attack targeting Microsoft 365.
Read more →
Watch back: AiTM session at CyberSec NL
On November 6 and 7, CyberSec Netherlands took place at the Jaarbeurs in Utrecht. I gave a talk titled "AiTM: How Criminals Circumvent MFA". The recording is now on YouTube.
Read more →
Release Notes 2024.5.0
These are the Release Notes for Attic Security release 2024.5.0. First fully multilingual version of Attic supporting English and Dutch.
Read more →With Attic, NEH delivers an even more secure Microsoft 365 workplace to housing associations
Attic and NEH, the market leader as IT provider for housing associations, have joined forces in a strategic partnership to significantly improve security.
Read more →Protect your Microsoft tenant against phishing attacks
Today we added a new check and fix to Attic Microsoft 365 Premium that lets you protect your Microsoft tenant against phishing attacks.
Read more →Setting up a SOC: start small, but aim for the jackpot
If you are setting up a SOC function, follow the NCSC factsheet. But here are two key additions for organizations using Microsoft 365.
Read more →
Attic Release 2023.12.0
With this release we're launching Attic as an affordable and straightforward SOC-as-a-Service, powered by Microsoft Sentinel!
Read more →