Lingolol

LMG SecurityNon-Human Identities: The Hidden Risk in Your StackNon-human identities (NHIs)—like API keys, service accounts, and OAuth tokens—now outnumber human accounts in many enterprises. But are you managing them securely? With 46% of organizations reporting compromises of NHI credentials just this year, it’s clear: these powerful, often-overlooked accounts are the next cybersecurity frontier.Read The Hacker News article for more details: <a href="https://thehackernews.com/2025/06/the-hidden-threat-in-your-stack-why-non.html" rel="nofollow noopener" translate="no" target="_blank">https://thehackernews.com/2025/06/the-hidden-threat-in-your-stack-why-non.html</a><a href="https://infosec.exchange/tags/IdentitySecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#IdentitySecurity</a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberRisk</a> <a href="https://infosec.exchange/tags/APIsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#APIsecurity</a> <a href="https://infosec.exchange/tags/NHIs" class="mention hashtag" rel="nofollow noopener" target="_blank">#NHIs</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISO</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/MachineIdentities" class="mention hashtag" rel="nofollow noopener" target="_blank">#MachineIdentities</a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroTrust</a> <a href="https://infosec.exchange/tags/RiskManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#RiskManagement</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#ITsecurity</a>

FusionDirectoryC'est le deuxième jour des assises du <a href="https://bird.makeup/users/csiesr" class="u-url mention" rel="nofollow noopener" target="_blank">@csiesr</a> <a href="https://techhub.social/@benoitmortier" class="u-url mention" rel="nofollow noopener" target="_blank">@benoitmortier</a> vous attend sur le stand pour vous montrer les dernières nouveautés de <a href="https://pouet.chapril.org/@fusiondirectory" class="u-url mention" rel="nofollow noopener" target="_blank">@fusiondirectory</a> . Vous présentez aussi nos services de <a href="https://pouet.chapril.org/tags/conseil" class="mention hashtag" rel="nofollow noopener" target="_blank">#conseil</a>, <a href="https://pouet.chapril.org/tags/accompagnement" class="mention hashtag" rel="nofollow noopener" target="_blank">#accompagnement</a>, <a href="https://pouet.chapril.org/tags/formations" class="mention hashtag" rel="nofollow noopener" target="_blank">#formations</a> <a href="https://pouet.chapril.org/tags/logiciellibre" class="mention hashtag" rel="nofollow noopener" target="_blank">#logiciellibre</a> <a href="https://pouet.chapril.org/tags/rest" class="mention hashtag" rel="nofollow noopener" target="_blank">#rest</a> <a href="https://pouet.chapril.org/tags/api" class="mention hashtag" rel="nofollow noopener" target="_blank">#api</a> <a href="https://pouet.chapril.org/tags/workflow" class="mention hashtag" rel="nofollow noopener" target="_blank">#workflow</a> <a href="https://pouet.chapril.org/tags/esr" class="mention hashtag" rel="nofollow noopener" target="_blank">#esr</a> <a href="https://pouet.chapril.org/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://pouet.chapril.org/tags/identites" class="mention hashtag" rel="nofollow noopener" target="_blank">#identites</a> <a href="https://pouet.chapril.org/tags/gia" class="mention hashtag" rel="nofollow noopener" target="_blank">#gia</a> <a href="https://pouet.chapril.org/tags/assisesducsiesr" class="mention hashtag" rel="nofollow noopener" target="_blank">#assisesducsiesr</a>

BenjaminIs it like actually POSSIBLE to restrict user access to ANY client in Keycloak? So far I find a lot of answers to this question, many of which are many years old, but none work. No matter what policies I configure, I keep being able to log in to an application even though it feels like I shouldn't be.Restriction access to clients should not be this hard.<a href="https://toot.berlin/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#Keycloak</a> <a href="https://toot.berlin/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a>

LemonLDAP::NG🍋 LemonLDAP::NG 2.21 is out!📃 This new release includes improvements on OpenID Connect and CAS protocols, Loki logger, public notifications and much more.🔗 Read our release notes: <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/" rel="nofollow noopener" translate="no" target="_blank">https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/</a><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener" target="_blank">@ow2</a> <a href="https://mastodon.social/@worteks_com" class="u-url mention" rel="nofollow noopener" target="_blank">@worteks_com</a> <a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSO</a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#CAS</a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAML</a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenIDConnect</a> <a href="https://fosstodon.org/tags/OW2" class="mention hashtag" rel="nofollow noopener" target="_blank">#OW2</a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener" target="_blank">#lemonldap</a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener" target="_blank">#lemonldapng</a> <a href="https://fosstodon.org/tags/Passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passkeys</a> <a href="https://fosstodon.org/tags/Passwordless" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwordless</a> <a href="https://fosstodon.org/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebAuthn</a> <a href="https://fosstodon.org/tags/FIDO2" class="mention hashtag" rel="nofollow noopener" target="_blank">#FIDO2</a> <a href="https://fosstodon.org/tags/Loki" class="mention hashtag" rel="nofollow noopener" target="_blank">#Loki</a> <a href="https://fosstodon.org/tags/WebSSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebSSO</a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeSoftware</a> <a href="https://fosstodon.org/tags/LogicielLibre" class="mention hashtag" rel="nofollow noopener" target="_blank">#LogicielLibre</a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener" target="_blank">#Perl</a>

LDAP Tool Box Project🆕 LDAP Tool Box Service Desk 0.6.2 released!ℹ️ LDAP Tool Box Service Desk is a web application for administrators and support teams. It allows to browse accounts in an LDAP directory, view and update their password and security status.🔗 News on OW2 : <a href="https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-6-2-released/" rel="nofollow noopener" translate="no" target="_blank">https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-6-2-released/</a> 🔗 Release on GitHub : <a href="https://github.com/ltb-project/service-desk/releases/tag/v0.6.2" rel="nofollow noopener" translate="no" target="_blank">https://github.com/ltb-project/service-desk/releases/tag/v0.6.2</a> 🔗 Download : <a href="https://ltb-project.org/download.html" rel="nofollow noopener" translate="no" target="_blank">https://ltb-project.org/download.html</a><a href="https://floss.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#LDAP</a> <a href="https://floss.social/tags/OpenLDAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenLDAP</a> <a href="https://floss.social/tags/ActiveDirectory" class="mention hashtag" rel="nofollow noopener" target="_blank">#ActiveDirectory</a> <a href="https://floss.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://floss.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeSoftware</a> <a href="https://floss.social/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://floss.social/tags/IGA" class="mention hashtag" rel="nofollow noopener" target="_blank">#IGA</a>

FusionDirectoryFusionDirectory vous présente sa toute nouvelle suite logicielle !Vous l’attendiez depuis longtemps 😎 !Mais, pourquoi parler de suite logicielle, me direz-vous ?Nous sommes donc heureux de vous présenter FusionDirectory 1.5, FusionDirectory Orchestrator 1.1, FusionDirectory Integrator 1.2Ces trois composants constituent dès à présent la suite logicielle FusionDirectory.Cette nouvelle version est centrée majoritairement autour de notre moteur de workflow <a href="https://pouet.chapril.org/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://www.fusiondirectory.org/fusiondirectory-vous-presente-sa-toute-nouvelle-suite-logicielle/" rel="nofollow noopener" translate="no" target="_blank">https://www.fusiondirectory.org/fusiondirectory-vous-presente-sa-toute-nouvelle-suite-logicielle/</a>

נקודה ופסיק; SemicolonI think therefore Identity & Access Management.<a href="https://tooot.im/tags/aws" class="mention hashtag" rel="nofollow noopener" target="_blank">#aws</a> <a href="https://tooot.im/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://tooot.im/tags/IdentityAndAccessManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#IdentityAndAccessManagement</a>

50+ Music"After the Love Has Gone" is a song by <a href="https://mastodon.online/tags/EarthWindAndFire" class="mention hashtag" rel="nofollow noopener" target="_blank">#EarthWindAndFire</a>, released in 1979 as the second single from their ninth studio album <a href="https://mastodon.online/tags/IAm" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAm</a> on <a href="https://mastodon.online/tags/ARC" class="mention hashtag" rel="nofollow noopener" target="_blank">#ARC</a>/#ColumbiaRecords. The song reached No. 2 on both the US Billboard Hot 100 (behind <a href="https://mastodon.online/tags/theKnack" class="mention hashtag" rel="nofollow noopener" target="_blank">#theKnack</a>'s "<a href="https://mastodon.online/tags/MySharona" class="mention hashtag" rel="nofollow noopener" target="_blank">#MySharona</a>") and the Billboard <a href="https://mastodon.online/tags/HotRAndBSingles" class="mention hashtag" rel="nofollow noopener" target="_blank">#HotRAndBSingles</a> chart, No. 3 on the Billboard <a href="https://mastodon.online/tags/AdultContemporary" class="mention hashtag" rel="nofollow noopener" target="_blank">#AdultContemporary</a> chart, and No. 4 on the <a href="https://mastodon.online/tags/UKSinglesChart" class="mention hashtag" rel="nofollow noopener" target="_blank">#UKSinglesChart</a>. <a href="https://mastodon.online/tags/AfterTheLoveHasGone" class="mention hashtag" rel="nofollow noopener" target="_blank">#AfterTheLoveHasGone</a> was certified gold in the US by the <a href="https://mastodon.online/tags/RIAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#RIAA</a> and silver in the UK by the <a href="https://mastodon.online/tags/BPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#BPI</a>. <a href="https://www.youtube.com/watch?v=0TC0iH1MmzY" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=0TC0iH1MmzY</a>

Paul Sanders 😎Fancy some typical <a href="https://infosec.exchange/tags/linkedin" class="mention hashtag" rel="nofollow noopener" target="_blank">#linkedin</a> posts about <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener" target="_blank">#Yobah</a>? It’ll be written to fit into the algorithm, but you might find some cool info or news. Most of my upcoming <a href="https://infosec.exchange/tags/blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#blog</a> posts on <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a>, <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#zerotrust</a> and <a href="https://infosec.exchange/tags/entraID" class="mention hashtag" rel="nofollow noopener" target="_blank">#entraID</a> will be posted here first.Would love it if you could drop us a follow :)<a href="https://www.linkedin.com/company/the-yobah-network/" rel="nofollow noopener" translate="no" target="_blank">https://www.linkedin.com/company/the-yobah-network/</a>

Paul Sanders 😎If you want to know more about <a href="https://infosec.exchange/tags/yobah" class="mention hashtag" rel="nofollow noopener" target="_blank">#yobah</a>, then why not visit the website at <a href="https://yobah.co.uk" rel="nofollow noopener" translate="no" target="_blank">https://yobah.co.uk</a>? <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener" target="_blank">#introduction</a> <a href="https://infosec.exchange/tags/strategy" class="mention hashtag" rel="nofollow noopener" target="_blank">#strategy</a> <a href="https://infosec.exchange/tags/architect" class="mention hashtag" rel="nofollow noopener" target="_blank">#architect</a> <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#zerotrust</a> <a href="https://infosec.exchange/tags/infrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#infrastructure</a> <a href="https://infosec.exchange/tags/sccm" class="mention hashtag" rel="nofollow noopener" target="_blank">#sccm</a> <a href="https://infosec.exchange/tags/manchester" class="mention hashtag" rel="nofollow noopener" target="_blank">#manchester</a> <a href="https://infosec.exchange/tags/uk" class="mention hashtag" rel="nofollow noopener" target="_blank">#uk</a> <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener" target="_blank">#Yobah</a> <a href="https://infosec.exchange/tags/consultancy" class="mention hashtag" rel="nofollow noopener" target="_blank">#consultancy</a>

Paul Sanders 😎Think it’s time to update my <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener" target="_blank">#introduction</a> post. Hi! I’m a <a href="https://infosec.exchange/tags/strategy" class="mention hashtag" rel="nofollow noopener" target="_blank">#strategy</a> <a href="https://infosec.exchange/tags/architect" class="mention hashtag" rel="nofollow noopener" target="_blank">#architect</a> by trade, focusing mostly on <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> and <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#zerotrust</a> - albeit a long history in <a href="https://infosec.exchange/tags/infrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#infrastructure</a> architecture. Cut my teeth as it were during the virtualisation revolution (I feel older than that 😂) Prior to that, I did desktop builds using Norton ghost and then <a href="https://infosec.exchange/tags/sccm" class="mention hashtag" rel="nofollow noopener" target="_blank">#sccm</a>.I live in <a href="https://infosec.exchange/tags/manchester" class="mention hashtag" rel="nofollow noopener" target="_blank">#manchester</a>, <a href="https://infosec.exchange/tags/uk" class="mention hashtag" rel="nofollow noopener" target="_blank">#uk</a> and started <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener" target="_blank">#Yobah</a> - a boutique <a href="https://infosec.exchange/tags/consultancy" class="mention hashtag" rel="nofollow noopener" target="_blank">#consultancy</a> working on strategy transformation.Feel free to reach out and say hi!

50+ Music"After the Love Has Gone" is a song by <a href="https://mastodon.online/tags/EarthWindAndFire" class="mention hashtag" rel="nofollow noopener" target="_blank">#EarthWindAndFire</a>, released in 1979 as the second single from their ninth studio album <a href="https://mastodon.online/tags/IAm" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAm</a> on <a href="https://mastodon.online/tags/ARC" class="mention hashtag" rel="nofollow noopener" target="_blank">#ARC</a>/#ColumbiaRecords. The song reached No. 2 on both the US Billboard Hot 100 (behind <a href="https://mastodon.online/tags/theKnack" class="mention hashtag" rel="nofollow noopener" target="_blank">#theKnack</a>'s "<a href="https://mastodon.online/tags/MySharona" class="mention hashtag" rel="nofollow noopener" target="_blank">#MySharona</a>") and the Billboard <a href="https://mastodon.online/tags/HotRAndBSingles" class="mention hashtag" rel="nofollow noopener" target="_blank">#HotRAndBSingles</a> chart, No. 3 on the Billboard <a href="https://mastodon.online/tags/AdultContemporary" class="mention hashtag" rel="nofollow noopener" target="_blank">#AdultContemporary</a> chart, and No. 4 on the <a href="https://mastodon.online/tags/UKSinglesChart" class="mention hashtag" rel="nofollow noopener" target="_blank">#UKSinglesChart</a>. <a href="https://mastodon.online/tags/AfterTheLoveHasGone" class="mention hashtag" rel="nofollow noopener" target="_blank">#AfterTheLoveHasGone</a> was certified gold in the US by the <a href="https://mastodon.online/tags/RIAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#RIAA</a> and silver in the UK by the <a href="https://mastodon.online/tags/BPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#BPI</a>. <a href="https://www.youtube.com/watch?v=7tuJfud4W6U" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=7tuJfud4W6U</a>

FusionDirectoryLes <a href="https://mastodon.gougere.fr/@LesJRES" class="u-url mention" rel="nofollow noopener" target="_blank">@LesJRES</a> journées réseaux de l’enseignement et de la recherche se déroulent à Rennes cette année du 10 au 13 décembre 2024.FusionDirectory y sera présent comme à chaque fois 😎. Nous venons cette année avec notre hôte remplie de nouveautés 😉<a href="https://www.fusiondirectory.org/venez-faire-le-plein-de-nouveautes-au-jres-2024-a-rennes-avec-fusiondirectory/" rel="nofollow noopener" translate="no" target="_blank">https://www.fusiondirectory.org/venez-faire-le-plein-de-nouveautes-au-jres-2024-a-rennes-avec-fusiondirectory/</a>Nous sommes impatients de vous rencontrer 😎 et de partager toutes ces nouveautés avec vous<a href="https://pouet.chapril.org/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://pouet.chapril.org/tags/rest" class="mention hashtag" rel="nofollow noopener" target="_blank">#rest</a> <a href="https://pouet.chapril.org/tags/api" class="mention hashtag" rel="nofollow noopener" target="_blank">#api</a> <a href="https://pouet.chapril.org/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://pouet.chapril.org/tags/workflow" class="mention hashtag" rel="nofollow noopener" target="_blank">#workflow</a> <a href="https://pouet.chapril.org/tags/supann" class="mention hashtag" rel="nofollow noopener" target="_blank">#supann</a> <a href="https://pouet.chapril.org/tags/cycledevie" class="mention hashtag" rel="nofollow noopener" target="_blank">#cycledevie</a> <a href="https://pouet.chapril.org/tags/notifications" class="mention hashtag" rel="nofollow noopener" target="_blank">#notifications</a> <a href="https://pouet.chapril.org/tags/audit" class="mention hashtag" rel="nofollow noopener" target="_blank">#audit</a> <a href="https://pouet.chapril.org/tags/orchestrator" class="mention hashtag" rel="nofollow noopener" target="_blank">#orchestrator</a> <a href="https://bird.makeup/users/csiesr" class="u-url mention" rel="nofollow noopener" target="_blank">@csiesr</a> <a href="https://mstdn.social/@renater" class="u-url mention" rel="nofollow noopener" target="_blank">@renater</a> <a href="https://mamot.fr/@plossra_a" class="u-url mention" rel="nofollow noopener" target="_blank">@plossra_a</a> <a href="https://birdsite.wilde.cloud/users/cnll_fr" class="u-url mention" rel="nofollow noopener" target="_blank">@cnll_fr</a>

WHY☎️5555I've written a new blog post taking a moderately deep dive into "Threat Modeling YubiKeys and Passkeys"<a href="https://yawnbox.is/blog/threat-modeling-yubikeys-and-passkeys/" rel="nofollow noopener" translate="no" target="_blank">https://yawnbox.is/blog/threat-modeling-yubikeys-and-passkeys/</a>I greatly welcome feedback as I want to make sure I'm not misrepresenting anything. I want to make it better if it can be improved. I'm happy to be wrong, just please provide details and links!also, i need a job! if you like my work, maybe you know of something where i'd be a good fit.<a href="https://disobey.net/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://disobey.net/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://disobey.net/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://disobey.net/tags/FIDO2" class="mention hashtag" rel="nofollow noopener" target="_blank">#FIDO2</a> <a href="https://disobey.net/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebAuthn</a> <a href="https://disobey.net/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#YubiKey</a> <a href="https://disobey.net/tags/YubiKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#YubiKeys</a> <a href="https://disobey.net/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a> <a href="https://disobey.net/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkeys</a> <a href="https://disobey.net/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener" target="_blank">#GetFediHired</a>

HN SecurityOur security researchers @cod_rse@twitter.com and <a href="https://infosec.exchange/@inode" class="u-url mention" rel="nofollow noopener" target="_blank">@inode</a> conducted a security assessment on <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#Keycloak</a>, identifying significant vulnerabilities impacting this open-source <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> solution.Read the full article at <a href="https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system" rel="nofollow noopener" translate="no" target="_blank">https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system</a>

GÉANTThe <a href="https://mstdn.social/tags/TNC25" class="mention hashtag" rel="nofollow noopener" target="_blank">#TNC25</a> Call for Proposals for single presentations and side meetings is now open!Whether you’re a long-standing member of the community, or have just joined the <a href="https://mstdn.social/tags/research" class="mention hashtag" rel="nofollow noopener" target="_blank">#research</a> and <a href="https://mstdn.social/tags/education" class="mention hashtag" rel="nofollow noopener" target="_blank">#education</a> world and are working on a cool project, TNC25 invites you to submit your proposals!➡️ Check guidelines & apply before 28 Nov: <a href="https://tnc25.geant.org/submit" rel="nofollow noopener" translate="no" target="_blank">https://tnc25.geant.org/submit</a><a href="https://mstdn.social/tags/NRENs" class="mention hashtag" rel="nofollow noopener" target="_blank">#NRENs</a> <a href="https://mstdn.social/tags/HigherEducation" class="mention hashtag" rel="nofollow noopener" target="_blank">#HigherEducation</a> <a href="https://mstdn.social/tags/HigherEd" class="mention hashtag" rel="nofollow noopener" target="_blank">#HigherEd</a> <a href="https://mstdn.social/tags/Networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Networking</a> <a href="https://mstdn.social/tags/Network" class="mention hashtag" rel="nofollow noopener" target="_blank">#Network</a> <a href="https://mstdn.social/tags/connectivity" class="mention hashtag" rel="nofollow noopener" target="_blank">#connectivity</a> <a href="https://mstdn.social/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#cloud</a> <a href="https://mstdn.social/tags/TrustAndIdentity" class="mention hashtag" rel="nofollow noopener" target="_blank">#TrustAndIdentity</a> <a href="https://mstdn.social/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://mstdn.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/OpenScience" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenScience</a> <a href="https://mstdn.social/tags/HPC" class="mention hashtag" rel="nofollow noopener" target="_blank">#HPC</a> <a href="https://mstdn.social/tags/Quantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#Quantum</a> <a href="https://mstdn.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a>

WHY☎️5555<a href="https://disobey.net/tags/WindowsHello" class="mention hashtag" rel="nofollow noopener" target="_blank">#WindowsHello</a> will soon offer users an option to sync their passkeys to their Microsoft account making them no longer device-boundagain, this changes the threat model for enterprises, if they care about such details. a device-bound passkey means the private key material exists no where else in the world. Cloud syncing of private keys is basically the same for TOTP private seeds -- those cloud providers, while encrypting the data at rest, do in fact have clear-text access to those secrets -- making them targets of social engineers, law enforcement, nation states and other hackers.(only an end-to-end encryption cloud storage solution like Apple's Advanced Data Protection would protect synced passkeys)HT <a href="https://social.tchncs.de/@jesterchen" class="u-url mention" rel="nofollow noopener" target="_blank">@jesterchen</a> <a href="https://blogs.windows.com/windowsdeveloper/2024/10/08/passkeys-on-windows-authenticate-seamlessly-with-passkey-providers/" rel="nofollow noopener" translate="no" target="_blank">https://blogs.windows.com/windowsdeveloper/2024/10/08/passkeys-on-windows-authenticate-seamlessly-with-passkey-providers/</a><a href="https://disobey.net/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://disobey.net/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://disobey.net/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

LeeRaylIn my 18 years of IAM work the biggest mistake I see is rushing to secure 1 thing not all the things.“We need SAML for AWS for <insert governance here>”That is the wrong way to start any new or rebuilding of a IAM program or project.The complexity of IAM is worth the time to plan. Example: defining the source of truth, ensuring the integrity and confidentiality is critical, roles and entitlements are needed, an IdP needs to be established and tested, source of truth matches the directory, syncing the directory and IdP, implementation of authentication of the users with the IdP and MFA/ZTA configured.All that is really important and barely enough to illustrate my point of the amount of work for that one app requires Picasso like experience with a Michelangelo touch <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSO</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a>

smegI think digitally stored passkeys completely miss the point of multi-factor authentication. It's a cheat and we should be discouraging this capability. It's not real mfa compliance.<a href="https://assortedflotsam.com/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a> <a href="https://assortedflotsam.com/tags/mfa" class="mention hashtag" rel="nofollow noopener" target="_blank">#mfa</a> <a href="https://assortedflotsam.com/tags/grc" class="mention hashtag" rel="nofollow noopener" target="_blank">#grc</a> <a href="https://assortedflotsam.com/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

Recent searches

Search options

Administered by:

Server stats:

#iam