We better should’ve stayed at 640kB.

However I can see when any IPv6 begins with 2a02:12xx:: then it’s Swisscom (biggest swiss ISP). But I can’t remember any of their hundreds of IPv4 prefixes.

ExtensibleMarkupLanguageHypertextTransferProtocolRequest

This makes only sense, given that they have a dedicated investors.broadcom.com page but no security.broadcom.com you can see where their focus is.

For services I host I really like this EULA:

If the Provider of the Service (the “Provider”) needs a place to crash and you have a sofa available, you should maybe give the Provider a break and let him sleep on your couch.

If you are caught in a dire situation wherein you only have enough time to save one person out of a group, and the Provider is a member of that group, you must save the Provider.

THE ACCESS IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO BLAH BLAH BLAH ISN’T IT FUNNY HOW UPPER-CASE MAKES IT SOUND LIKE THE LICENSE IS ANGRY AND SHOUTING AT YOU.

Edit: original found here: https://github.com/pirate/security-growler

I would recommemd setting up greylog. It’s pipelines are really mighty and not that hard to learn. You can run it in a VM.

If you really want to you can run filebeat on windows with a file output, so it will write everything in json format to a file. However you will still have to parse ot, make it searchable etc.

The root cause has been fixed in 2.2.2: https://www.phoronix.com/news/OpenZFS-2.2.2-Released Block cloning has not yet been reenabled as default though.

Don’t worry it’s only a few snort rules for 3 OT products that alert when you access the webinterface. Don’t know how anyone should find anything with this.

https://m.xkcd.com/583/

https://ittavern.com/troubleshooting-asking-the-right-questions/

If you are running a version of Exchange Server earlier than the Aug 2022 SU, We send you thoughts and prayers, and very strong but gentle guidance to update your servers to the latest SU immediately.

https://techcommunity.microsoft.com/t5/exchange-team-blog/coming-soon-enabling-extended-protection-on-exchange-server-by/ba-p/3911849

Originally was:

“DVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blind\source\high.php.”

Source report: https://github.com/KLSEHB/vulnerability-report/blob/c1f3f27286e435d1bd5893a5fea2ffbe9fb55cbd/Dvwa_vulnerability

According to one of the vuln posts a redirect and cookie stealing code was added as onload js (can even be seen in a screenshot).

Together with the JWT that are valid for a year and non revokable (https://github.com/LemmyNet/lemmy/issues/3364) that means if you logged in or browsed an affected instance while logged in to it the attacker got your account and the only way to get it back is not in your hands but in the instance admins (they have to delete all sessions from the DB).