draeathJul 23, 2024

Seems at least one contributor of #seafile doesn't think #security is important: https://github.com/haiwen/seafile-admin-docs/issues/309

TL;DR they do not provide the required S3 actions to use S3 as a storage back-end, and when asked for this, the contributor stated "I think it is better to grant a general write permission."

This is an incredibly dangerous and short-sighted perspective.

This is just asking for someone to turn your S3 bucket into #phishing infrastructure!

#PrincipleOfLeastPrivilege

manual/deploy_pro/setup_with_amazon_s3.md does not list required permissions · Issue #309 · haiwen/seafile-admin-docs

This page should describe the required S3 actions, so that we can write an appropriate IAM or Bucket policy instead of having to guess, or grant more permissions than is required for the applicatio...

GitHub
Tarnkappe.infoJan 11, 2024
📬 Mach aus Deinem Unternehmen eine No-Go-Zone für Ransomware: der Leitfaden für die C-Suite
#Gastartikel #ITSicherheit #321BackupRegel #Cubbit #InformaTech #MultiSiteObjectLock #PrincipleofLeastPrivilege #S3Objektspeicher #SinglePointofFailure #Veeam https://sc.tarnkappe.info/47a468
Mach aus Deinem Unternehmen eine No-Go-Zone für Ransomware: der Leitfaden für die C-Suite

Ransomware ist eine der größten Bedrohungen. Im Jahr 2025 soll es weltweit drei Viertel aller Unternehmen treffen. Was kann man dagegen tun?

Tarnkappe.info
DiffieHellmanStan (Tony)Apr 14, 2023

Seems like #GovernmentOverreach is being justified by...the failure of the #government to engage in proper #vetting of their people and ensure that the #PrincipleOfLeastPrivilege is being adhered to when it comes to #classified documents. Or am I missing something here?

#Privacy #PrivacyMatters #PrivacyRights #NationalSecurity

https://www.nbcnews.com/politics/national-security/us-intel-agencies-missed-classified-documents-leaked-on-discord-rcna79404?cid=sm_npd_nn_tw_ma&taid=643711501d49bb0001313082&utm_campaign=trueanthem&utm_medium=social&utm_source=twitter

U.S. intel agencies may change how they monitor social media, chatrooms after missing leaked U.S. documents for weeks

The Biden administration is looking at expanding how it monitors social media and chatrooms after intel agencies didn't see classified U.S. documents circulating online for weeks.

NBC News
Shannon Eldridge-KuehnDec 6, 2022

In the chance this goes somewhere, tomorrow morning at 8am PST on the #The425Show, join me as I bring Guru from the product team on to take #Entra #Permissions #Management for a test drive! Don't pass this one by!

https://425.show/twitch

#permissionsondemand #principleofleastprivilege #ciem #multicloud

425show - Twitch

Microsoft Identity Digital Influencer crew and friends

Twitch