T1539 on sentinelchangelog.net

T1539 on sentinelchangelog.nethttp://sentinelchangelog.net/tags/t1539/Recent content in T1539 on sentinelchangelog.netHugo -- 0.157.0enThu, 07 May 2026 10:50:16 +0000Microsoft Entra ID: New Hunting Query Detects Post-Compromise Token Abuse via ASN Mismatcheshttp://sentinelchangelog.net/posts/2026-05-07-pr-14207/Thu, 07 May 2026 10:50:16 +0000http://sentinelchangelog.net/posts/2026-05-07-pr-14207/Surfaces rapid ASN changes between interactive and non-interactive sign-ins within 10 minutes, indicating potential post-compromise token misuse.