Posts by fthy@mastodon.green
 (DIR) Post #AazAX5Fkl1sBooWH8i by fthy@mastodon.green
       2023-10-21T05:53:40Z
       
       0 likes, 0 repeats
       
       @adam Compromised, however if e.g. securedesktop prevents keyloggers from getting the master-password, the process-memory is isolated and the attacker only was able to grab screenshots, not all keys might be affected.I‘m in favor of raising the (security) bar for attackers to get to the passwords of a password-manager even if they have access to a client. The harder its for them and the louder they have to get, the better. And: Fido2 and MFA help in this case :)
       
 (DIR) Post #AxNB2eVQsPIqtZXZ0i by fthy@mastodon.green
       2025-08-19T12:25:21Z
       
       0 likes, 1 repeats
       
       Microsoft openly admitting they have not(!) had MFA, network segmentation, least privilege, software lifecycle, jump-servers, asset- and software-inventory etc for Azure PROD for years and they are not there yet.This whole report is just so scary. At the same time, good that they are finally working on it and making it transparent.Source: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/sfi-april-2025-progress-report.pdf#Microsoft #azure #infosec