A small tool to view real-world ActivityPub objects as JSON! Enter a URL
or username from Mastodon or a similar service below, and we'll send a
request with the right Accept header to the server to view the underlying
object.
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{
"ostatus": "http://ostatus.org#",
"atomUri": "ostatus:atomUri",
"inReplyToAtomUri": "ostatus:inReplyToAtomUri",
"conversation": "ostatus:conversation",
"sensitive": "as:sensitive",
"toot": "http://joinmastodon.org/ns#",
"votersCount": "toot:votersCount",
"litepub": "http://litepub.social/ns#",
"directMessage": "litepub:directMessage",
"blurhash": "toot:blurhash",
"focalPoint": {
"@container": "@list",
"@id": "toot:focalPoint"
},
"Hashtag": "as:Hashtag"
}
],
"id": "https://infosec.exchange/users/breditor/outbox?min_id=0&page=true",
"type": "OrderedCollectionPage",
"next": "https://infosec.exchange/users/breditor/outbox?max_id=109359560555524624&page=true",
"prev": "https://infosec.exchange/users/breditor/outbox?min_id=110253468365935947&page=true",
"partOf": "https://infosec.exchange/users/breditor/outbox",
"orderedItems": [
{
"id": "https://infosec.exchange/users/breditor/statuses/110253468365935947/activity",
"type": "Announce",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-04-24T11:06:57Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/boblord",
"https://infosec.exchange/users/breditor/followers"
],
"object": "https://infosec.exchange/users/boblord/statuses/110251663026754713"
},
{
"id": "https://infosec.exchange/users/breditor/statuses/110182548415273806/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-04-11T22:31:04Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/110182548415273806",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-04-11T22:31:04Z",
"url": "https://infosec.exchange/@breditor/110182548415273806",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/110182548415273806",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-04-11:objectId=57384886:objectType=Conversation",
"content": "<p>Want to learn how to detect phishing, push fatigue or session token theft? Bespoke detections published by Okta’s infosec team have been added to Splunk’s content library. More of this to come: <a href=\"https://sec.okta.com/shareddetections\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">sec.okta.com/shareddetections</span><span class=\"invisible\"></span></a></p>",
"contentMap": {
"en": "<p>Want to learn how to detect phishing, push fatigue or session token theft? Bespoke detections published by Okta’s infosec team have been added to Splunk’s content library. More of this to come: <a href=\"https://sec.okta.com/shareddetections\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">sec.okta.com/shareddetections</span><span class=\"invisible\"></span></a></p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/110182548415273806/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/110182548415273806/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/110182548415273806/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/110182548415273806/likes",
"type": "Collection",
"totalItems": 3
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/110182548415273806/shares",
"type": "Collection",
"totalItems": 1
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/110104354787717190/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-03-29T03:05:24Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/boblord"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/110104354787717190",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-03-29T03:05:24Z",
"url": "https://infosec.exchange/@breditor/110104354787717190",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/boblord"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/110104354787717190",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-03-29:objectId=54340658:objectType=Conversation",
"content": "<p>Enjoyed talking about phishing resistance at Gartner’s APAC InfoSec shindig. This quote from <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@boblord\" class=\"u-url mention\">@<span>boblord</span></a></span> started some great conversations. </p><p>CISA’s fact sheet here:<br /><a href=\"https://www.cisa.gov/sites/default/files/2023-01/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://www.</span><span class=\"ellipsis\">cisa.gov/sites/default/files/2</span><span class=\"invisible\">023-01/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf</span></a></p>",
"contentMap": {
"en": "<p>Enjoyed talking about phishing resistance at Gartner’s APAC InfoSec shindig. This quote from <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@boblord\" class=\"u-url mention\">@<span>boblord</span></a></span> started some great conversations. </p><p>CISA’s fact sheet here:<br /><a href=\"https://www.cisa.gov/sites/default/files/2023-01/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://www.</span><span class=\"ellipsis\">cisa.gov/sites/default/files/2</span><span class=\"invisible\">023-01/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf</span></a></p>"
},
"attachment": [
{
"type": "Document",
"mediaType": "image/png",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/110/104/327/338/573/227/original/6017a52ac0137105.png",
"name": null,
"blurhash": "UT7x3FkCRdWFI8a$o#k8oBa#WckBojofacWC",
"width": 1536,
"height": 1118
},
{
"type": "Document",
"mediaType": "image/png",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/110/104/343/847/113/694/original/e94fac645bc81e4a.png",
"name": null,
"blurhash": "UKQ,2N8^s.fPW?WCoeay%Lt7Rjj[-:t6Rja|",
"width": 828,
"height": 461
}
],
"tag": [
{
"type": "Mention",
"href": "https://infosec.exchange/users/boblord",
"name": "@boblord"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/110104354787717190/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/110104354787717190/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/110104354787717190/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/110104354787717190/likes",
"type": "Collection",
"totalItems": 6
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/110104354787717190/shares",
"type": "Collection",
"totalItems": 2
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/110100769921530196/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-03-28T11:53:43Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/Darrenpauli"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/110100769921530196",
"type": "Note",
"summary": null,
"inReplyTo": "https://infosec.exchange/users/Darrenpauli/statuses/110100623587284656",
"published": "2023-03-28T11:53:43Z",
"url": "https://infosec.exchange/@breditor/110100769921530196",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/Darrenpauli"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/110100769921530196",
"inReplyToAtomUri": "https://infosec.exchange/users/Darrenpauli/statuses/110100623587284656",
"conversation": "tag:infosec.exchange,2023-03-28:objectId=54169691:objectType=Conversation",
"content": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@Darrenpauli\" class=\"u-url mention\">@<span>Darrenpauli</span></a></span> focus on config. SSO or password mgr, MFA + basic device hygiene. The best money spent would be a health check for config of office productivity and accounting software, and review of payments process.</p>",
"contentMap": {
"en": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@Darrenpauli\" class=\"u-url mention\">@<span>Darrenpauli</span></a></span> focus on config. SSO or password mgr, MFA + basic device hygiene. The best money spent would be a health check for config of office productivity and accounting software, and review of payments process.</p>"
},
"attachment": [],
"tag": [
{
"type": "Mention",
"href": "https://infosec.exchange/users/Darrenpauli",
"name": "@Darrenpauli"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/110100769921530196/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/110100769921530196/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/110100769921530196/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/110100769921530196/likes",
"type": "Collection",
"totalItems": 1
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/110100769921530196/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/110092125398143186/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-03-26T23:15:18Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/110092125398143186",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-03-26T23:15:18Z",
"url": "https://infosec.exchange/@breditor/110092125398143186",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/110092125398143186",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-03-26:objectId=53864959:objectType=Conversation",
"content": "<p>I’ll be talking Phishing Resistance at Gartner’s APAC Security and Risk Mgmt Summit tomorrow morning. I’m grateful for some of the oustanding customers that shared their case studies, threat research and insights with me to bring the presentation together.</p>",
"contentMap": {
"en": "<p>I’ll be talking Phishing Resistance at Gartner’s APAC Security and Risk Mgmt Summit tomorrow morning. I’m grateful for some of the oustanding customers that shared their case studies, threat research and insights with me to bring the presentation together.</p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/110092125398143186/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/110092125398143186/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/110092125398143186/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/110092125398143186/likes",
"type": "Collection",
"totalItems": 0
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/110092125398143186/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-03-10T01:10:47Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109996320162191102",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-03-10T01:10:47Z",
"url": "https://infosec.exchange/@breditor/109996320162191102",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109996320162191102",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-03-10:objectId=50148751:objectType=Conversation",
"content": "<p>The <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> hardening advice I’m perhaps least qualified to give is how to protect user devices from malware infection.</p><p>Given the diminishing reliance on network-based controls, we’re more dependent on endpoint security than ever to protect devices from infostealers that extract creds and session tokens from the browser.</p><p>From an identity perspective, I’d encourage Okta Identity Engine admins to consider: <br />- Third-party EDR integrations that prevent authentication to workplace apps from devices with poor posture, <br />- Device Assurance for unmanaged devices (available with Okta Verify/FastPass),<br />- Setting the max and idle session times in the Global Sign-in Policy in line with NIST guidance, and <br />- Setting reauthentication frequency “At Every Sign-in” for high risk apps (in Authentication Policies)</p><p>Weirdly enough, your choice of factors also has a role to play. As a device-bound authenticator, Okta’s FastPass can be configured to reassess device context every time a user attempts to open an app, diminishing the value of a stolen session.</p>",
"contentMap": {
"en": "<p>The <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> hardening advice I’m perhaps least qualified to give is how to protect user devices from malware infection.</p><p>Given the diminishing reliance on network-based controls, we’re more dependent on endpoint security than ever to protect devices from infostealers that extract creds and session tokens from the browser.</p><p>From an identity perspective, I’d encourage Okta Identity Engine admins to consider: <br />- Third-party EDR integrations that prevent authentication to workplace apps from devices with poor posture, <br />- Device Assurance for unmanaged devices (available with Okta Verify/FastPass),<br />- Setting the max and idle session times in the Global Sign-in Policy in line with NIST guidance, and <br />- Setting reauthentication frequency “At Every Sign-in” for high risk apps (in Authentication Policies)</p><p>Weirdly enough, your choice of factors also has a role to play. As a device-bound authenticator, Okta’s FastPass can be configured to reassess device context every time a user attempts to open an app, diminishing the value of a stolen session.</p>"
},
"attachment": [],
"tag": [
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/okta",
"name": "#okta"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/likes",
"type": "Collection",
"totalItems": 2
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/shares",
"type": "Collection",
"totalItems": 1
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109935281486180225/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-27T06:27:50Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109935281486180225",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-27T06:27:50Z",
"url": "https://infosec.exchange/@breditor/109935281486180225",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109935281486180225",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-27:objectId=47608229:objectType=Conversation",
"content": "<p>This week I’m arguing that the catch-all rule for an <a href=\"https://infosec.exchange/tags/Okta\" class=\"mention hashtag\" rel=\"tag\">#<span>Okta</span></a> sign-on policy should be “deny everything.” </p><p>Okta’s policy rules work like this: The first rule Okta evaluates during a request sits at the top of the rule stack. If the rule doesn’t match, it evaluates the rule beneath it. On it goes until a rule matches. </p><p>When you first set up an org, the pragmatic default is to allow access after primary authentication. </p><p>My argument is that once you’ve configured and tested your sign on policies, your catch-all should be set to deny. I think of this as an additional safety net (in addition to thorough testing) for when you modify policies/rules. Adversaries are often better at testing for unexpected access scenarios than admins. </p><p>My blog post offers a few workflow suggestions for identifying requests that fall through the cracks using catch-all and “canary” rules. <br /><a href=\"https://sec.okta.com/catchallsandcanaryrules\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">sec.okta.com/catchallsandcanar</span><span class=\"invisible\">yrules</span></a></p>",
"contentMap": {
"en": "<p>This week I’m arguing that the catch-all rule for an <a href=\"https://infosec.exchange/tags/Okta\" class=\"mention hashtag\" rel=\"tag\">#<span>Okta</span></a> sign-on policy should be “deny everything.” </p><p>Okta’s policy rules work like this: The first rule Okta evaluates during a request sits at the top of the rule stack. If the rule doesn’t match, it evaluates the rule beneath it. On it goes until a rule matches. </p><p>When you first set up an org, the pragmatic default is to allow access after primary authentication. </p><p>My argument is that once you’ve configured and tested your sign on policies, your catch-all should be set to deny. I think of this as an additional safety net (in addition to thorough testing) for when you modify policies/rules. Adversaries are often better at testing for unexpected access scenarios than admins. </p><p>My blog post offers a few workflow suggestions for identifying requests that fall through the cracks using catch-all and “canary” rules. <br /><a href=\"https://sec.okta.com/catchallsandcanaryrules\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">sec.okta.com/catchallsandcanar</span><span class=\"invisible\">yrules</span></a></p>"
},
"attachment": [],
"tag": [
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/okta",
"name": "#okta"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109935281486180225/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109935281486180225/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109935281486180225/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109935281486180225/likes",
"type": "Collection",
"totalItems": 4
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109935281486180225/shares",
"type": "Collection",
"totalItems": 1
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109911548174860288/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-23T01:52:09Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/riskybusiness",
"https://infosec.exchange/users/tomatospy",
"https://mastodon.social/users/campuscodi",
"https://infosec.exchange/users/metlstorm"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109911548174860288",
"type": "Note",
"summary": null,
"inReplyTo": "https://infosec.exchange/users/riskybusiness/statuses/109911531901603678",
"published": "2023-02-23T01:52:09Z",
"url": "https://infosec.exchange/@breditor/109911548174860288",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/riskybusiness",
"https://infosec.exchange/users/tomatospy",
"https://mastodon.social/users/campuscodi",
"https://infosec.exchange/users/metlstorm"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109911548174860288",
"inReplyToAtomUri": "https://infosec.exchange/users/riskybusiness/statuses/109911531901603678",
"conversation": "tag:infosec.exchange,2023-02-23:objectId=46656742:objectType=Conversation",
"content": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@riskybusiness\" class=\"u-url mention\">@<span>riskybusiness</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@tomatospy\" class=\"u-url mention\">@<span>tomatospy</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://mastodon.social/@campuscodi\" class=\"u-url mention\">@<span>campuscodi</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@metlstorm\" class=\"u-url mention\">@<span>metlstorm</span></a></span> this week’s content was another level again. Congrats guys.</p>",
"contentMap": {
"en": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@riskybusiness\" class=\"u-url mention\">@<span>riskybusiness</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@tomatospy\" class=\"u-url mention\">@<span>tomatospy</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://mastodon.social/@campuscodi\" class=\"u-url mention\">@<span>campuscodi</span></a></span> <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@metlstorm\" class=\"u-url mention\">@<span>metlstorm</span></a></span> this week’s content was another level again. Congrats guys.</p>"
},
"attachment": [],
"tag": [
{
"type": "Mention",
"href": "https://infosec.exchange/users/riskybusiness",
"name": "@riskybusiness"
},
{
"type": "Mention",
"href": "https://infosec.exchange/users/tomatospy",
"name": "@tomatospy"
},
{
"type": "Mention",
"href": "https://mastodon.social/users/campuscodi",
"name": "@campuscodi@mastodon.social"
},
{
"type": "Mention",
"href": "https://infosec.exchange/users/metlstorm",
"name": "@metlstorm"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109911548174860288/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109911548174860288/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109911548174860288/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109911548174860288/likes",
"type": "Collection",
"totalItems": 2
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109911548174860288/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109911541983148636/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-23T01:50:34Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109911541983148636",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-23T01:50:34Z",
"url": "https://infosec.exchange/@breditor/109911541983148636",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109911541983148636",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-23:objectId=46657110:objectType=Conversation",
"content": "<p>If you want to get a sense for how much phishing resistant authentication has become an obsession at Okta, look no further than the Early Access features in Okta Identity Engine right now. Go have a look at Settings > Features and you’ll see: </p><p>- Enforcing phishing-resistant authentication in sign-in policies<br />- Requiring phishing-resistant authenticators to enrol other authenticators<br />- Allowlisting for specific models of FIDO2 Authenticators<br />- Support for PIV Smart Cards for both Global and Application Sign-in <br />- Collecting Device Signals (using FastPass) at both Global and Application Sign-in</p><p>By the time I’ve posted this message, user mailboxes at hundreds of organisations will be targeted using “real-time” AiTM phishing platforms. Phishing via transparent proxies is “point and click” for any adversary now. </p><p>I’m grateful phishing resistance is top of the priority list for Okta’s product and engineering teams. It should be top of your priority list too. </p><p>My advice is not to say “job done” after making incremental improvements (moving from SMS to Push, or adding number challenge or biometric checks to Push, for example). Go for gold and enforce phishing resistance (using FIDO2 WebAuthn, FastPass on managed devices or PIV Smart Cards) across the whole workforce.</p>",
"contentMap": {
"en": "<p>If you want to get a sense for how much phishing resistant authentication has become an obsession at Okta, look no further than the Early Access features in Okta Identity Engine right now. Go have a look at Settings > Features and you’ll see: </p><p>- Enforcing phishing-resistant authentication in sign-in policies<br />- Requiring phishing-resistant authenticators to enrol other authenticators<br />- Allowlisting for specific models of FIDO2 Authenticators<br />- Support for PIV Smart Cards for both Global and Application Sign-in <br />- Collecting Device Signals (using FastPass) at both Global and Application Sign-in</p><p>By the time I’ve posted this message, user mailboxes at hundreds of organisations will be targeted using “real-time” AiTM phishing platforms. Phishing via transparent proxies is “point and click” for any adversary now. </p><p>I’m grateful phishing resistance is top of the priority list for Okta’s product and engineering teams. It should be top of your priority list too. </p><p>My advice is not to say “job done” after making incremental improvements (moving from SMS to Push, or adding number challenge or biometric checks to Push, for example). Go for gold and enforce phishing resistance (using FIDO2 WebAuthn, FastPass on managed devices or PIV Smart Cards) across the whole workforce.</p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109911541983148636/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109911541983148636/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109911541983148636/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109911541983148636/likes",
"type": "Collection",
"totalItems": 1
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109911541983148636/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109899910715260253/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-21T00:32:35Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109899910715260253",
"type": "Note",
"summary": null,
"inReplyTo": "https://infosec.exchange/users/breditor/statuses/109899883764699716",
"published": "2023-02-21T00:32:35Z",
"url": "https://infosec.exchange/@breditor/109899910715260253",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109899910715260253",
"inReplyToAtomUri": "https://infosec.exchange/users/breditor/statuses/109899883764699716",
"conversation": "tag:infosec.exchange,2023-02-21:objectId=46171875:objectType=Conversation",
"content": "<p>2033 is obviously a typo, but seems fitting to leave it unedited.</p>",
"contentMap": {
"en": "<p>2033 is obviously a typo, but seems fitting to leave it unedited.</p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109899910715260253/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109899910715260253/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109899910715260253/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109899910715260253/likes",
"type": "Collection",
"totalItems": 1
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109899910715260253/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109899883764699716/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-21T00:25:44Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109899883764699716",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-21T00:25:44Z",
"url": "https://infosec.exchange/@breditor/109899883764699716",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109899883764699716",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-21:objectId=46171875:objectType=Conversation",
"content": "<p>It’s the year 2033 and legacy authentication to Microsoft Exchange Online is still actually a thing. It wasn’t supposed to be a thing, but that’s another story. While I’ve observed a dramatic decline in the volume of requests over the past year (as customers migrate to modern auth), a large number of orgs continue to allow it. If you allow SMTP to Exchange from anywhere on the internet, your 0365 accounts are only as strong as the weakest user-defined password in your org. <br /><a href=\"https://sec.okta.com/legacyauthrisk\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">sec.okta.com/legacyauthrisk</span><span class=\"invisible\"></span></a></p>",
"contentMap": {
"en": "<p>It’s the year 2033 and legacy authentication to Microsoft Exchange Online is still actually a thing. It wasn’t supposed to be a thing, but that’s another story. While I’ve observed a dramatic decline in the volume of requests over the past year (as customers migrate to modern auth), a large number of orgs continue to allow it. If you allow SMTP to Exchange from anywhere on the internet, your 0365 accounts are only as strong as the weakest user-defined password in your org. <br /><a href=\"https://sec.okta.com/legacyauthrisk\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"\">sec.okta.com/legacyauthrisk</span><span class=\"invisible\"></span></a></p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109899883764699716/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109899883764699716/replies?min_id=109899910715260253&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109899883764699716/replies",
"items": [
"https://infosec.exchange/users/breditor/statuses/109899910715260253"
]
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109899883764699716/likes",
"type": "Collection",
"totalItems": 1
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109899883764699716/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109865019888541996/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-14T20:39:23Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109865019888541996",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-14T20:39:23Z",
"url": "https://infosec.exchange/@breditor/109865019888541996",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109865019888541996",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-14:objectId=44737746:objectType=Conversation",
"content": "<p>I’ve seen a lot written about Reddit’s incident disclosure, especially the crucial role a user report played in identifying and remediating a phishing incident.</p><p>It’s a timely reminder that <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> customers can maximise the opportunities for users to identify and report suspicious activity by:</p><p>- Enabling “End User Notifications” for sign-ins from new devices and locations or factor resets/adds, and also<br />- Enabling “Suspicious Activity Reports” to turn those notifications into actionable, one-click reporting mechanisms for users. </p><p>The Recent Activity section of the end user dashboard also gives users insight into use of their account. </p><p>Okta Workflows provides numerous orchestration opportunities for when users report suspicious activity: from turning the report into a ticket for SOC analysts through to revoking a session or a factor.</p>",
"contentMap": {
"en": "<p>I’ve seen a lot written about Reddit’s incident disclosure, especially the crucial role a user report played in identifying and remediating a phishing incident.</p><p>It’s a timely reminder that <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> customers can maximise the opportunities for users to identify and report suspicious activity by:</p><p>- Enabling “End User Notifications” for sign-ins from new devices and locations or factor resets/adds, and also<br />- Enabling “Suspicious Activity Reports” to turn those notifications into actionable, one-click reporting mechanisms for users. </p><p>The Recent Activity section of the end user dashboard also gives users insight into use of their account. </p><p>Okta Workflows provides numerous orchestration opportunities for when users report suspicious activity: from turning the report into a ticket for SOC analysts through to revoking a session or a factor.</p>"
},
"attachment": [
{
"type": "Document",
"mediaType": "image/png",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/109/865/018/525/644/634/original/6c599f903038d96c.png",
"name": null,
"blurhash": "U8SY~y01R,?bIoWYR+M|D%fRt7Wr%MaeR*Wq",
"width": 609,
"height": 307
}
],
"tag": [
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/okta",
"name": "#okta"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109865019888541996/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109865019888541996/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109865019888541996/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109865019888541996/likes",
"type": "Collection",
"totalItems": 2
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109865019888541996/shares",
"type": "Collection",
"totalItems": 1
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109838641727578519/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-10T04:51:05Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109838641727578519",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-10T04:51:05Z",
"url": "https://infosec.exchange/@breditor/109838641727578519",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": true,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109838641727578519",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-10:objectId=43631667:objectType=Conversation",
"content": "<p>Quick and dirty @okta win: deny authentication to workforce apps from anonymising proxies. If you don’t have network-based controls for this, the blunt way is to add a dynamic network zone in Okta (pictured) that blocks these requests pre-authentication.</p><p>The cons: some loss of visibility into adversary behaviors, and it’s tricky to make exceptions. <br />The pros: adding friction and risk to the sort of adversary whose MO is buying access to stolen session tokens. </p><p>In my experience there are relatively few orgs with staff that have a genuine need to authenticate using anonymizing services. More often the admin didn’t know it was this easy to do.</p>",
"contentMap": {
"en": "<p>Quick and dirty @okta win: deny authentication to workforce apps from anonymising proxies. If you don’t have network-based controls for this, the blunt way is to add a dynamic network zone in Okta (pictured) that blocks these requests pre-authentication.</p><p>The cons: some loss of visibility into adversary behaviors, and it’s tricky to make exceptions. <br />The pros: adding friction and risk to the sort of adversary whose MO is buying access to stolen session tokens. </p><p>In my experience there are relatively few orgs with staff that have a genuine need to authenticate using anonymizing services. More often the admin didn’t know it was this easy to do.</p>"
},
"attachment": [
{
"type": "Document",
"mediaType": "image/png",
"url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/109/838/637/753/082/184/original/9f808023f2623abc.png",
"name": null,
"blurhash": "UASF@Ts.9FRiWARks:R*00f5RjofxtM{WAj]",
"width": 1536,
"height": 975
}
],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109838641727578519/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109838641727578519/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109838641727578519/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109838641727578519/likes",
"type": "Collection",
"totalItems": 2
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109838641727578519/shares",
"type": "Collection",
"totalItems": 0
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109826322970882402/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-08T00:38:15Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109826322970882402",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2023-02-08T00:38:15Z",
"url": "https://infosec.exchange/@breditor/109826322970882402",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109826322970882402",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2023-02-08:objectId=43100556:objectType=Conversation",
"content": "<p>My resolution for the new (Okta) financial year: I’m going to use this profile to promote best practices for securing an Okta (workforce) org, (and probably little else).</p><p>It’ll be a trickle, not a flood. Two threads a week maybe. If you know someone building, administering or monitoring an Okta org, I’d be grateful if you pointed them here. And if this isn’t your bag, set a reminder to unmute me next year :)</p><p>It’s only just now sunk in for me that good advice has a shelf life in cloud/InfoSec. Better to say it and risk being wrong, than wishing I’d said it when it mattered most.</p>",
"contentMap": {
"en": "<p>My resolution for the new (Okta) financial year: I’m going to use this profile to promote best practices for securing an Okta (workforce) org, (and probably little else).</p><p>It’ll be a trickle, not a flood. Two threads a week maybe. If you know someone building, administering or monitoring an Okta org, I’d be grateful if you pointed them here. And if this isn’t your bag, set a reminder to unmute me next year :)</p><p>It’s only just now sunk in for me that good advice has a shelf life in cloud/InfoSec. Better to say it and risk being wrong, than wishing I’d said it when it mattered most.</p>"
},
"attachment": [],
"tag": [],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109826322970882402/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109826322970882402/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109826322970882402/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109826322970882402/likes",
"type": "Collection",
"totalItems": 6
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109826322970882402/shares",
"type": "Collection",
"totalItems": 3
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109814760132934497/activity",
"type": "Announce",
"actor": "https://infosec.exchange/users/breditor",
"published": "2023-02-05T23:37:40Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://mastodon.world/users/Lorette",
"https://infosec.exchange/users/breditor/followers"
],
"object": "https://mastodon.world/users/Lorette/statuses/109808781175975213"
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109538272565486934/activity",
"type": "Announce",
"actor": "https://infosec.exchange/users/breditor",
"published": "2022-12-19T03:43:15Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/australeo",
"https://infosec.exchange/users/breditor/followers"
],
"object": "https://infosec.exchange/users/australeo/statuses/109537967968703301"
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109500225641197831/activity",
"type": "Announce",
"actor": "https://infosec.exchange/users/breditor",
"published": "2022-12-12T10:27:25Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/AstraKernel",
"https://infosec.exchange/users/breditor/followers"
],
"object": "https://infosec.exchange/users/AstraKernel/statuses/109495575016141973"
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109464223781436721/activity",
"type": "Announce",
"actor": "https://infosec.exchange/users/breditor",
"published": "2022-12-06T01:51:40Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/riskybusiness",
"https://infosec.exchange/users/breditor/followers"
],
"object": "https://infosec.exchange/users/riskybusiness/statuses/109464007221140529"
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109441959398165748/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2022-12-02T03:29:33Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/riskybusiness"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109441959398165748",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2022-12-02T03:29:33Z",
"url": "https://infosec.exchange/@breditor/109441959398165748",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://infosec.exchange/users/riskybusiness"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109441959398165748",
"inReplyToAtomUri": null,
"conversation": "tag:infosec.exchange,2022-12-02:objectId=26002663:objectType=Conversation",
"content": "<p>First toot! I want to help make passwordless, phishing-resistant authentication “a real thing”. I recently pitched a live demo of phishing resistance in practice to <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@riskybusiness\" class=\"u-url mention\">@<span>riskybusiness</span></a></span> , and tacked on a workflow I built to spark some ideas about what orchestration opportunities might arise from detecting real-time <a href=\"https://infosec.exchange/tags/phishing\" class=\"mention hashtag\" rel=\"tag\">#<span>phishing</span></a> kits. I’m keen to hear from <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> users if this hits the mark. <a href=\"https://m.youtube.com/watch?v=_lt-p3tt_zo\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">m.youtube.com/watch?v=_lt-p3tt</span><span class=\"invisible\">_zo</span></a></p>",
"contentMap": {
"en": "<p>First toot! I want to help make passwordless, phishing-resistant authentication “a real thing”. I recently pitched a live demo of phishing resistance in practice to <span class=\"h-card\" translate=\"no\"><a href=\"https://infosec.exchange/@riskybusiness\" class=\"u-url mention\">@<span>riskybusiness</span></a></span> , and tacked on a workflow I built to spark some ideas about what orchestration opportunities might arise from detecting real-time <a href=\"https://infosec.exchange/tags/phishing\" class=\"mention hashtag\" rel=\"tag\">#<span>phishing</span></a> kits. I’m keen to hear from <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> users if this hits the mark. <a href=\"https://m.youtube.com/watch?v=_lt-p3tt_zo\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">m.youtube.com/watch?v=_lt-p3tt</span><span class=\"invisible\">_zo</span></a></p>"
},
"attachment": [],
"tag": [
{
"type": "Mention",
"href": "https://infosec.exchange/users/riskybusiness",
"name": "@riskybusiness"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/phishing",
"name": "#phishing"
},
{
"type": "Hashtag",
"href": "https://infosec.exchange/tags/okta",
"name": "#okta"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109441959398165748/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109441959398165748/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109441959398165748/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109441959398165748/likes",
"type": "Collection",
"totalItems": 9
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109441959398165748/shares",
"type": "Collection",
"totalItems": 4
}
}
},
{
"id": "https://infosec.exchange/users/breditor/statuses/109359560555524624/activity",
"type": "Create",
"actor": "https://infosec.exchange/users/breditor",
"published": "2022-11-17T14:14:26Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://mastodon.social/users/campuscodi"
],
"object": {
"id": "https://infosec.exchange/users/breditor/statuses/109359560555524624",
"type": "Note",
"summary": null,
"inReplyTo": null,
"published": "2022-11-17T14:14:26Z",
"url": "https://infosec.exchange/@breditor/109359560555524624",
"attributedTo": "https://infosec.exchange/users/breditor",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://infosec.exchange/users/breditor/followers",
"https://mastodon.social/users/campuscodi"
],
"sensitive": false,
"atomUri": "https://infosec.exchange/users/breditor/statuses/109359560555524624",
"inReplyToAtomUri": null,
"conversation": "tag:mastodon.social,2022-11-17:objectId=334492842:objectType=Conversation",
"content": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://mastodon.social/@campuscodi\" class=\"u-url mention\">@<span>campuscodi</span></a></span> at least I’m still in good company</p>",
"contentMap": {
"en": "<p><span class=\"h-card\" translate=\"no\"><a href=\"https://mastodon.social/@campuscodi\" class=\"u-url mention\">@<span>campuscodi</span></a></span> at least I’m still in good company</p>"
},
"attachment": [],
"tag": [
{
"type": "Mention",
"href": "https://mastodon.social/users/campuscodi",
"name": "@campuscodi@mastodon.social"
}
],
"replies": {
"id": "https://infosec.exchange/users/breditor/statuses/109359560555524624/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"next": "https://infosec.exchange/users/breditor/statuses/109359560555524624/replies?only_other_accounts=true&page=true",
"partOf": "https://infosec.exchange/users/breditor/statuses/109359560555524624/replies",
"items": []
}
},
"likes": {
"id": "https://infosec.exchange/users/breditor/statuses/109359560555524624/likes",
"type": "Collection",
"totalItems": 0
},
"shares": {
"id": "https://infosec.exchange/users/breditor/statuses/109359560555524624/shares",
"type": "Collection",
"totalItems": 0
}
}
}
]
}