Azure hit by 15 Tbps DDoS attack using 500k IP addresses
#HackerNews #Azure #DDoS #Attack #15Tbps #Cybersecurity #Cloud #Computing #Tech #News
Und nun geht's los
Yogthos
boosted
(2/2) We used one of the threats seen in federation for forgejo as first real world example.
The example report output can be found here: https://repo.prod.meissa.de/meissa/clj-threats/src/branch/main/report/report.pdf
It is just a first "hello world" but the core concepts are quite working.
#clojure #forgejo #federation #threat-modelling #attack-tree #security
(2/2) We used one of the threats seen in federation for forgejo as first real world example.
The example report output can be found here: https://repo.prod.meissa.de/meissa/clj-threats/src/branch/main/report/report.pdf
It is just a first "hello world" but the core concepts are quite working.
#clojure #forgejo #federation #threat-modelling #attack-tree #security
alcinnz
boosted
Brash: Chromium Browser DoS Attack via document.title Exploitation
Brash is a critical vulnerability in Blink, the rendering engine that powers Google's Chromium-based browsers. It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed.
#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #itsecurity #browser #google
Brash: Chromium Browser DoS Attack via document.title Exploitation
Brash is a critical vulnerability in Blink, the rendering engine that powers Google's Chromium-based browsers. It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed.
#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #itsecurity #browser #google
»Crash, Boom, Bang—Offene Sicherheitslücke lässt fast alle aktuellen Browser abstürzen:
Das Problem betrifft sämtliche Chromium-basierten Browser und zeigt damit, wie weit die Monokultur in diesem Bereich vorangeschritten ist«
Vorher hatte ich oben den original Link getootet. Hier noch ein deutscher Artikel erklärend darüber.
#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #browser #google #chrome
Brash: Chromium Browser DoS Attack via document.title Exploitation
Brash is a critical vulnerability in Blink, the rendering engine that powers Google's Chromium-based browsers. It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed.
#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #itsecurity #browser #google
Joachim
boosted
“GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infra that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected dev into a criminal proxy node.”
#technology #attack #security #cybersecurity #malware #vscode
“GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infra that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected dev into a criminal proxy node.”
#technology #attack #security #cybersecurity #malware #vscode
Stefano Marinelli
boosted
Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them
This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte
Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers
Go to his post here read and learn.
You can learn a LOT from this research
Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them
This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte
Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers
Go to his post here read and learn.
You can learn a LOT from this research
North Shore Counter-Info: McElhanney trucks burned in Smithers, BC
https://north-shore.info/2025/08/27/mcelhanney-trucks-burned-in-smithers-bc/
From BC COUNTER INFO On August 10th at around 4am two trucks belonging to McElhanney were burned in Smithers, BC. McElhanney provides consulting services to the PRGT project. You can read more about their involvement in Against Extractivism: PRGT and its Actor and Arson attack in Terrace BC
#NewsandAnalysis#Attack#BC#PRGT
Puget Sound Anarchists: McElhanney trucks burned in Smithers (BC)
https://pugetsoundanarchists.org/mcelhanney-trucks-burned-in-smithers-bc/
originally posted on BC Counter InfoOn August 10th at around 4am two trucks belonging to McElhanney were burned in Smithers, BC. McElhanney provides…
#Action#Attack#Ecodefense #PipelineResistance#Arson#BC#Canada#Ecosabotage
Puget Sound Anarchists: Flame and Stone Against ICE (Yakima)
https://pugetsoundanarchists.org/flame-and-stone-against-ice-yakima/
submitted anonymously In the chaos of a fire, a rock found its way into the window of an U.S. Immigration and Customs Enforcement…
#Action#Attack#Immigration#ICE#Washington#Yakima
Philly Anti-Capitalist: Anti-Border Demonstration Report
https://phlanticap.noblogs.org/anti-border-demonstration-report/
Submission On the night of July 22 autonomous actors gathered in Center City to express their rage against borders. They took the streets. They marched for many blocks. Then they dispersed. Propaganda was distributed, trash got thrown onto the floor, some walls got themselves painted, and a police cruiser got itself vandalized. No arrests were…
#Attack#Demo
Philly Anti-Capitalist: poster/pasteup: butlerian jihad against ai
https://phlanticap.noblogs.org/poster-pasteup-butlerian-jihad-against-ai/
Submission [PDF]
#Attack#Media#Technology
Puget Sound Anarchists: Arson against drone manufacturer, Boeing subsidiary
https://pugetsoundanarchists.org/arson-against-drone-manufacturer-boeing-subsidiary/
submitted anonymouslyIn the early morning hours of July 23rd, an Insitu van was set ablaze while it sat in an empty lot across…
#Attack#Uncategorized#Action#Arson#Boeing#Borders#Drones#Hoodriver#Palestine#Surveillance
Philly Anti-Capitalist: Cameras Painted in Malcolm X Park
https://phlanticap.noblogs.org/cameras-painted-in-malcolm-x-park/
Submission Coasting off our excitement about autonomous self-organization, on the night of July 22nd we painted over all four cameras at Malcolm X Park. We want the park to stay the kind of place where people can meet and hang out without being surveilled, that’s why we took the game of Camover there. We’re holding…
#Attack#Immigration#Police#Technology
Mre. Dartigen [maker mode]
boosted
Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:
20.171.207.41 GPTBot/1.2
85.208.96.211 SemrushBot/7~bl
54.36.148.64 AhrefsBot/7.0
114.119.139.53 PetalBot
With GPTBot and SemrushBot attacking hardest 
They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack 
Well, in a sense it is one 
Watch out - it seems corporate AI techbros learned to scrape 
content and starts doing it on a massive scale 
Remember when @Codeberg was (and repeatedly is) hit?
For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough 
Please boost for visibility and be prepared!
#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos
Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:
20.171.207.41 GPTBot/1.2
85.208.96.211 SemrushBot/7~bl
54.36.148.64 AhrefsBot/7.0
114.119.139.53 PetalBot
With GPTBot and SemrushBot attacking hardest
They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack Well, in a sense it is one
Watch out - it seems corporate AI techbros learned to scrape content and starts doing it on a massive scale Remember when @Codeberg was (and repeatedly is) hit?
For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough
Please boost for visibility and be prepared!
#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos