Apple Private Relay appears to be sharing IP address ranges with 1 or more botnets.
Smooth move, #Apple. Now you're forcing Web hosts to block legitimate users because they're coming into our networks with bot traffic.
Apple Private Relay appears to be sharing IP address ranges with 1 or more botnets.
Smooth move, #Apple. Now you're forcing Web hosts to block legitimate users because they're coming into our networks with bot traffic.
@torproject Q: I wish there was a similar tool test #Bridges, as https://bridges.torproject.org/scan/ is not that good and I don't want to hammer it with dozens of addresses, cuz at best that's quite antisocial if not possibly trigger responses assuming this is an intelligence gathering operation.
I.e.
bridgetest -v4 obfs4 203.0.113.0:80 …
bridgetest -v6 webtunnel [2001:DB8::1]:443 …
bridgetest -list ./tor.bridges.list.private.tsv
Similarly there needs to be a more granular way to request #TorBridges from #BridgeDB (as it's basically impossible to get #IPv4 #Webtunnel addresses nor is there an option to filter for #ports like :80
& :443
to deal with restrictive #firewalls (i.e. on public #WiFi)…
ipv6=yes
but neither ipv4=yes
nor ipv6=no
yielded me other resultd than #IPv6 webtunnel
bridges…And before anyone asks: Yes, I do have a "legitimate purpose" as some of my contacts do need Bridges to get beyond a mandatory firewall and/or do use #TorBrowser (through an #SSH tunnel) to circumvent Tor & #VPN blocks and maintain privacy (as many companies do block sometimes entire #Hosters' ASNs due to rampant #scrapers…
@adisonverlice I think that's dangerous disinfo as @torproject actively works against attempts to fingerprint and track #Tor users.
In fact, Tor has been designed with the explicit goal to circumvent #Firewalls and #InternetCensorship methods like #DeepApcketInspection.
As a matter of principle I'd never vouch for any #centralized, #SingleVendor and/or #SingleProvider solution of any kind, including #Session.
@k4m1 @stman yeah, according to the #RTL8139 #datasheet this is basically a very cheap 10/100M NIC designed #embedded systems and low-end/low-cost desktops, and for a device designed and sold in 2006 it made sense, given back then #Gigabit-#Ethernet and Cat.5 cabling was considered high-end.
The few issues known only affect like #Virtualization setups, a market this thing was never designed for (most likely also never tested against).
It's the reason why to this day we see #Realtek NICs being shipped instead of fanning-out & enabling #SoC-integrated NICs with a #MAC & #PHY instead: Because the auxilliary parts for those are more expensive than just getting a PCI(e lane) somewhere and plonking it down.
Most modern NICs are more complex and demand more configuration / driver support...
For those who don't know (which is most of you), this project has been the intense focus of my work, taking up a huge amount of my time, energy, and investigative effort for the past 14 months - while still helping others at Sophos publish their research; running an election campaign where I was a candidate for school board; speaking at Blue Hat, @defcon #Saintcon, #VirusBulletin and other conferences; guest lecturing to classes at CU Boulder; volunteering my time canvassing for political candidates; serving as a docent at the @mediaarchaeologylab; working as a poll worker during the current US election cycle; and starting up the Elect More Hackers (electmorehackers.com) organization.
Whew. It's actually kind of daunting just to read that. I also sometimes sleep and eat.
@SophosXOps has been, at its core, an institution that values radical transparency, and this story (and the earlier research investigations into the Operation Pacific Rim threat actors and incidents) demonstrates Sophos' commitment to truth and journalistic integrity, following a story wherever it leads.
I hope our publication today starts a larger conversation and collaboration within the cybersecurity industry - inside and outside the Cyber Threat Alliance, which Sophos actively supports and where I am proud to represent my employer - to work together to thwart the ambitions of nation-state threat actors such as the perpetrators of Operation Pacific Rim, in order to protect the privacy and safety of everyone, everywhere.
#PacificRim #OperationPacificRim #malware #china #hacking #hacks #infosec #firewalls #intrusiondetection
@wdormann so basically all modern #distros are unaffected because they all have a built-in #firewall up and running...
*The Internet of European Things. #firewalls #cyberspace #postinternet
Chinese, Russian espionage campaigns increasingly targeting edge devices
https://therecord.media/chinese-russian-hackers-edge-devices #china #russia #hackers #EspionageAttacks #VPNappliances #firewalls #routers #InternetOfThings
Cisco: Angreifer platzieren mithilfe neuer 0-Day-Lücke Hintertüren auf Firewalls | heise online
https://heise.de/-9697459 #Firewalls #ZeroDay #Backdoor
Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers - Enlarge (credit: Getty Images)
Hackers backed by a powerful na... - https://arstechnica.com/?p=2019790 #networkperimeter #firewalls #security #uat4356 #biz #vpns
Researchers tell owners to “assume compromise” of unpatched Zyxel firewalls - Enlarge (credit: Getty Images)
Firewalls made by Zyxel are bei... - https://arstechnica.com/?p=1943400 #vulnerabilities #firewalls #security #exploits #biz #zyxel
It's only 6%, but that's still over 4000 firewalls with big ass holes in 'em!
More than 4,400 Sophos firewall servers remain vulnerable to critical exploits https://arstechnica.com/information-technology/2023/01/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits/
#Introduction
Introduction
Redoing my #introduction as it was a bit of a sparse one when I joined.
I am a lifelong #technology enthusiast, having worked in Financial Services IT for more than 25 years, across multiple disciplines including:
* #Unisys #MCP-based #mainframe platforms (A17/A19/HMP NX 6800/Libra 180/Libra 6xx/Libra 890)
* #EMC #Symmetrix storage arrays (DMX 3/4 and most recently VMAX) including experience of #SRDF(S), SRDF(A), BCV
* #WindowsServer (2000 through 2019) including #ActiveDirectory
* Various #Linux/ #Unix OSes (#HPUX/ #RHEL/ #Centos/ #Ubuntu/ #Raspbian) including experience of #GFS/#GFS2 SAN storage clustering
* Virtual Tape Server technology (B&L/Crossroads/ETI Net SPHiNX, #TSM)
* Automation/Scripting (#PowerShell, #NT #Batch, #DOS, #Bash, #OPAL)
* #Security (#PrivilegedAccessManagement, #LeastPrivilege, #IAM, #Firewalls, #EDR)
* #BusinessContinuity/#DisasterRecovery (Design/Implementation/Operations)
I’m focused on learning and getting hands-on with #RaspberryPi at home and #cloud computing solutions both at work and at home.
I moved into a #SecurityEngineering role in 2020, so a lot of my focus is now more security focussed across all tech stacks.
My main focus at present when it comes to cloud is predominately #Microsoft #Azure, with Google and AWS of interest also, as well as other cloud infrastructure services such as those provided by CloudFlare, though I’m planning a move away from them due to their moral/ethical choices.
Away from work and tech, I love to #travel the world with my wife and enjoy very amateur #photography to record our adventures.
I also love most genres of #music, live in concert when I can, with a particular love of #Rock/ #Metal and also #Trance (coincidentally, given the profession of a somewhat more well known namesake of mine!).
Signing up for a new social network reminds me how #antisocial I am!
#introduction time:
I'm a #parent, all-around #geek, & serial #hobbyist: #photography, #woodworking, #3dprinting, #sewing, #vinylcutting, & more
Currently tinkering with #opensource #flashlights (Anduril)
I've worked w/ #networking & #firewalls for 20 years and currently work at #netgate on the #opensource firewall #pfSense (#development plus #documentation in #sphinx)
See my profile for even more hobbies and interests
Bin #neuhier und habe mich kurz durch #JoinFediverseWiki gewählt... Grundverständnis ist nun schon mal da :-)
Ich hänge im Rheinland ab und bin IT Spezialist, allerdings bisher auf keiner Social Media Plattform unterwegs ... habe keine Daten zu verschenken, dafür aber die AGB's gelesen ;-)
Interessen #firewalls #network #dogs #violin #news
+++++++++
Hello everybody,
I am from Northrine Westfalia, Computer Professional and interested in the above topics
cu