shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

261
active users

#csp

0 posts0 participants0 posts today
Replied in thread

@GossiTheDog the sheer fact that #MSPs & #CSPs can access clients' setups without proper #authorization [including #KYC / #KYB, #AuthCode|s and proper authorization via contract] is already sickening.

Such fundamental #ITsec fuckups are reasons alone not to use #Azure or any #Microsoft products & services at all...

  • I mean, it doesn't require #Mitnick-level skills to pull this off, since it doesn't necessitate #Lapsus-Style #SIMswap or other means to gain access...
CyberplaceKevin Beaumont (@GossiTheDog@cyberplace.social)Attached: 3 images This is the partner.microsoft.com portal, it allows CSPs - Cloud Solution Providers - to gain access to their customer's environments. CVE-2024-49035 was around improper privilege management, i.e. being able to access things you shouldn't. It being in CISA KEV says it was being exploited in the wild. That portal allows a huge footprint of access by design.

tumblr.com/fenmere/76183583198

YO ALL ARTISTS WHO USE KRITA, CSP AND PROCREATE: PLEASE READ THIS AND CHECK YOUR COLOR SETTINGS.

there's a chance that your program had been using incorrect color settings and thus all of your works and ref sheets might have been desaturated or looking wrong

TumblrThe FenworksJust to make a point, every time I finished a panel of this I would export it as a PNG on the perceptual setting and use it as a color reference for the next panel IT'S BAD PLEASE CHECK YOUR COLOR…

I'm still doing some debugging of some #CSP #Content #Security #policy #cookie setting on my web service.

I can see the right `Set-Cookie` content being sent back in the `Response Headers` but I cannot for the life of me figure out why #Firefox is rejecting it. Meanwhile #Edge sets the same cookie fine. And in the past, when I use Edge's dev tools to inspect the page and it rejects the cookie, I get a little ⚠️ symbol that tells me *why*.

1/