Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> the sheer fact that <a href="https://infosec.space/tags/MSPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSPs</span></a> & <a href="https://infosec.space/tags/CSPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSPs</span></a> can access clients' setups without proper <a href="https://infosec.space/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authorization</span></a> [including <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a> / <a href="https://infosec.space/tags/KYB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYB</span></a>, <a href="https://infosec.space/tags/AuthCode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AuthCode</span></a>|s and proper authorization via contract] is already sickening.</p><ul><li><a href="https://cyberplace.social/@GossiTheDog/114104955818018205" rel="nofollow noopener" target="_blank">This</a> literally <em>begs to be abused</em> via <a href="https://infosec.space/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialEngineering</span></a> / <a href="https://infosec.space/tags/SocialHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialHacking</span></a> of <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> personnel or just blatant <em>"<a href="https://infosec.space/tags/PrivilegueEscalation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivilegueEscalation</span></a>"</em> through falsefully claiming to be a <a href="https://infosec.space/tags/MSP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSP</span></a> / <a href="https://infosec.space/tags/CSP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSP</span></a> contracted by the targeted company.</li></ul><p>Such fundamental <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> fuckups are reasons alone not to use <a href="https://infosec.space/tags/Azure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Azure</span></a> or any <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> products & services <em>at all</em>...</p><ul><li>I mean, it doesn't require <a href="https://infosec.space/tags/Mitnick" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mitnick</span></a>-level skills to pull this off, since it doesn't necessitate <a href="https://infosec.space/tags/Lapsus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lapsus</span></a>-Style <a href="https://infosec.space/tags/SIMswap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMswap</span></a> or other means to gain access...</li></ul>
corteximplant.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
CORTEX IMPLANT - an international cyberpunk'ish LGBTQIA+ friendly Fediverse instance for edgerunners, netrunners and cyberpunks and all who want to become one.
Administered by:
Server stats:
227active users
corteximplant.com: About · Status · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-alpha.4+glitch.cortex
#mitnick
0 posts · 0 participants · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@masterhajoda" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masterhajoda</span></a></span> so fundamentale <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>-Fehler have uch nirgendwo gesehen.</p><ul><li><p>Würde ich sowas <em>remote</em> versuchen könnte ich mich glücklich schätzen wenn nur meine Tür eingetreten wird und ich nicht in ner <a href="https://infosec.space/tags/BlackSite" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlackSite</span></a> alla <a href="https://infosec.space/tags/DiegoGarcia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DiegoGarcia</span></a> aufwache.</p></li><li><p><em>Vor-Ort</em> würde es eher in nem Bodybag denn Handschellen enden.</p></li></ul><p>Aber anscheinend hat keiner seit <a href="https://infosec.space/tags/Mitnick" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mitnick</span></a> gelernt, random Leuten Zugänge und Zutritt zu verweigern!</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload