buc.ci is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Admin email
abucci@bucci.onl
Admin account
@abucci@buc.ci

Search results for tag #sharepoint

AodeRelay boosted

[?]securityaffairs » 🌐
@securityaffairs@infosec.exchange

U.S. CISA adds and   flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com/189628/sec

    AodeRelay boosted

    [?]Daniel Kuhl ✌🏻☮️☕️ » 🌐
    @daniel1820815@infosec.exchange

    Research has published its Untold Stories of 2025, a compilation covering multiple notable campaigns that occurred during 2025. These include exploitation of (“ToolShell”), and adversary-in-the-middle used to bypass MFA, as well as state-linked operations attributed to groups such as Camaro Dragon and COLDRIVER. The report also highlights evolving command-and-control techniques observed across Europe and Central Asia.

    research.checkpoint.com/2026/2

      AodeRelay boosted

      [?]Harry Sintonen » 🌐
      @harrysintonen@infosec.exchange

      I was surprised to learn that Microsoft 365 can recommend files to me from someone else in the organization, by default. This is part of their "Item Insight" feature [1]. The description of this service goes to great lengths to explain how it respects the document access rights and won't be leaking documents.

      While that's all good in theory, in many instances people do not use Sharepoint permissions right, and everyone in the organization has access to the documents unintended. I can see how this could amplify impact of such misconfiguration, in specific making some too widely shared document visible to much wider audience.

      Also, this all relies on the machine learning to do correct decision in the first place. I prefer to keep such control to myself and this I disabled this feature.

      You can disable the "Item Insight" from myaccount.microsoft.com/settin

      1) learn.microsoft.com/en-us/grap

      Screenshot showing the location of the "Allow item insights" checkbox in the privacy settings.

      Alt...Screenshot showing the location of the "Allow item insights" checkbox in the privacy settings.

      Screenshot of web page https://learn.microsoft.com/en-us/graph/item-insights-overview#disabling-item-insights with the following text highlighted: "Microsoft never discloses your private documents and only uses insights of content that users already have access to. However, sometimes the risk that unauthorized users could discover the content outweighs the possible benefits. In such cases, consider turning off item insights. "

      Alt...Screenshot of web page https://learn.microsoft.com/en-us/graph/item-insights-overview#disabling-item-insights with the following text highlighted: "Microsoft never discloses your private documents and only uses insights of content that users already have access to. However, sometimes the risk that unauthorized users could discover the content outweighs the possible benefits. In such cases, consider turning off item insights. "

        AodeRelay boosted

        [?]Offensive Sequence » 🌐
        @offseq@infosec.exchange

        🚨 CRITICAL: CVE-2025-59245 in Microsoft SharePoint Online allows remote privilege escalation via deserialization of untrusted data. No patch yet—restrict access & monitor activity! Full details: radar.offseq.com/threat/cve-20

        Critical threat: CVE-2025-59245: CWE-502: Deserialization of Untrusted Data in Microsoft Microsoft SharePoint Online

        Alt...Critical threat: CVE-2025-59245: CWE-502: Deserialization of Untrusted Data in Microsoft Microsoft SharePoint Online

          2 ★ 0 ↺

          [?]Anthony » 🌐
          @abucci@buc.ci

          I left a MS SharePoint tab open and uBlock Origin tells me it's blocked 2,998 things (elements?) on the page so far. That number ticks up over time.


            about this site - powered by snac/2.86