Markus's Avatar

Markus

@secmark.fyi.bsky.social

Cybersecurity | Infosec | Tech | Privacy | White hat https://secmark.fyi/

295 Followers  |  82 Following  |  242 Posts  |  Joined: 29.10.2023  |  1.8066

Latest posts by secmark.fyi on Bluesky

During the past days there has been lots of articles demonstrating FIDO bypasses with downgrade attacks, for Microsoft environments deploy WHfB across the board and ensure that you enforce phishing resistant MFA requirement with conditional access policies for users who have a key registered.

15.08.2025 10:07 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

๐ŸฆŽ

11.08.2025 15:11 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

From overall cyber security perspective, would it be more responsible from tech giants to just deploy computer/device breaking patches to actual outdated OS'es than keep providing consumers some security updates for a year or two after EOL... I see this becoming an even bigger issue in the future

07.08.2025 13:57 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Probably really generational as well, but I don't see an issue in talking for matters that are important to you, even if it goes against some majority

06.08.2025 17:08 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Been on a vacation for couple of weeks. OOF states that I can only be contacted via my private number in case of emergency.
Today received first message, I call that a success, been able to totally detach from work ๐Ÿฅฐ

10.07.2025 13:11 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Ite iskin out of officet pรครคlle jo klo 12 ja vika palaveri oli varattu klo 15-16, ei toivoakaan et menis.
Saatan olla jo terdellรค ๐Ÿ˜‚๐Ÿป

27.06.2025 10:29 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Anyone know if you can somehow pull the dynamic tags from Defender XDR via API?
Manual and system tags(Config policy/Regedit/GPO) are there on the api/machine , but would like additional control on larger sets on top of your regular RBAC group/tag controls.

25.06.2025 17:14 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

How about everyone starts listening to System of a Down - B.Y.O.B.

Would be pretty funny to see it in top charts
#soad #byob #iran #iraq #usa

23.06.2025 18:17 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
Microsoft now testing Notepad text formatting in Windows 11 Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input.

Likely will not get me to leave np++, but will test it for sure!


www.bleepingcomputer.com/news/microso...

31.05.2025 10:23 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

2025
Included chapter about usage of CDs DVDs and Floppy disks into a security policy.
While I personally haven't used them in years to store data, older company employees might, from either habit, or from a requirement of a legacy production systems.
In the end, it's all about managing risk.

30.05.2025 15:02 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

Original post: cyberplace.social/@GossiTheDog...

30.05.2025 14:54 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Gotta love ~flow~ state when working.

Ended up spending last ~6 hours starting and finishing an authentication policy document for the entire organization.

#cybersecurity #infosec #iso27001 #iso27k #flowstate #auth #authentication

15.05.2025 17:08 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Change management is an important process in both IT and in Cyber security to ensure proper planning, design, documentation and assessment of risks.

Do you think these two should share the same processes and gates or have a totally different change process?

21.04.2025 09:22 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Been thinking of getting experienced on a new topic, Intelligence.
Any tools, or guides, or other topics you would recommend looking at?

I'm not expecting answers like Shodan or Google Dorking but more towards Intel management, tools and analytics

#intel #intelligence #osint #cybersecurity #opsec

12.04.2025 17:04 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Which is better?
12 character machine generated password
Or
20 character user generated password

And why?
#security #cybersecurity #infosec

11.04.2025 18:45 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Pulled my bicycle out of the winter storage, first short trip done and yeah... It will take a few more for my body to catch back up after the winter ๐Ÿ˜…

01.04.2025 12:02 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Wikipedia logo

Wikipedia logo

Wikipedia exits the Nazi group chat

@wikipedia.org
๐Ÿ‘๐Ÿ‘๐Ÿ‘

622.7K followers on X

28.03.2025 22:29 โ€” ๐Ÿ‘ 1144    ๐Ÿ” 221    ๐Ÿ’ฌ 21    ๐Ÿ“Œ 12

Winter vacation just started ๐Ÿฅณ๐Ÿฅณ
Which means!!! Time to start stressing the workload that will be waiting for me when I get back!

27.03.2025 14:54 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Local security event is hosting an online CTF, dragged myself solo to 9th place yesterday. Still would have a few easyish flags to get but will probably just drop it and play video games when I get off work ๐Ÿ‘พ๐ŸŽฎ๐Ÿ˜
#hacking #cybersecurity #ctf

19.03.2025 10:36 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

๐Ÿ‹๏ธโ€โ™‚๏ธThe cybersecurity equivalent of doing half reps at the gym:

- MFA on some accounts, but not all
- EDR installed, but not monitored
- Firewalls with any-any rules
- Patch management, but only for Windows
- Backups that arenโ€™t tested
- User training thatโ€™s just a checkbox exercise

06.03.2025 14:34 โ€” ๐Ÿ‘ 8    ๐Ÿ” 3    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Image of the books cover

Image of the books cover

Decided on the book for my flight, landed on Conspiracy land by Marianna Spring ๐Ÿ˜Š๐Ÿ“š

10.03.2025 09:06 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Almost done with The Shadow and Bone trilogy, third left of Ruin and Rising.
Got a work trip coming up on Monday so I should probably finish this before the flight, and decide on the next one ๐Ÿ“š๐Ÿค“

08.03.2025 09:25 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Considering all the vulnerabilities and issues with Password managers LastPass has easily gotten the most heat, and for a reason.
But I wouldn't judge people or say they are negligent for using it, it is still an excellent product, not the best, but still excellent.

08.03.2025 09:13 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

MFW local IT manager says he gave his corporate laptop to a 3rd party IT company for debugging instead of our internal guys ๐Ÿ˜ฌ

FML

#security #IT #workstation #talesfromtechsupport #infosec

06.03.2025 14:20 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Could we just go back to the good old days when Obama was president.

05.03.2025 15:03 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

USA stops sharing critical intelligence to Ukraine. These are actionable data, really critical to sustain defence and offence. What's next? Starlink goes to an unscheduled maintenance? I mean, it would probably be legitimate with terms of service, accidents happen...

05.03.2025 13:22 โ€” ๐Ÿ‘ 23    ๐Ÿ” 6    ๐Ÿ’ฌ 3    ๐Ÿ“Œ 1

I stand with Ukraine. They elected a comedian and got a leader. We elected a clown and got a full-blown circus that keeps getting worse. One fights for democracy, the other fights for his ego. The difference couldnโ€™t be clearer, yet some people still donโ€™t get it.

02.03.2025 13:17 โ€” ๐Ÿ‘ 22    ๐Ÿ” 2    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Get a visa ๐Ÿ˜‚

01.03.2025 10:18 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

From time to time I find myself thinking "ummm, there was a Windows 8?" ...
Not like I work in the industry ๐Ÿ˜…

01.03.2025 10:13 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

@secmark.fyi is following 20 prominent accounts