Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
bolha.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
We're a Brazilian IT Community. We love IT/DevOps/Cloud, but we also love to talk about life, the universe, and more. | Nós somos uma comunidade de TI Brasileira, gostamos de Dev/DevOps/Cloud e mais!

Administered by:

Server stats:

252
active users

bolha.us: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#dns

32 posts29 participants6 posts today
Public
Infoblox Threat Intel

Malicious actors have taken notice of news about the US Social Security System. We've seen multiple spam campaigns that attempt to phish users or lure them to download malware.

Emails with subjects like "Social Security Administrator.", "Social Security Statement", and "ensure the accuracy of your earnings record" contain malicious links and attachments.

One example contained a disguised URL that redirected to user2ilogon[.]es in order to download the trojan file named SsaViewer1.7.exe.

Actors using social security lures are connected to malicious campaigns targeting major brands through their DNS records.

Block these:

user2ilogon[.]es
viewer-ssa-gov[.]es
wellsffrago[.]com
nf-prime[.]com
deilvery-us[.]com
wllesfrarqo-home[.]com
nahud[.]com.

#dns #lookalikes #lookalikeDomain #threatintel #cybercrime #threatintelligence #cybersecurity #infoblox #infobloxthreatintel #infosec #pdns #malware #scam #ssa

Public
Terence Eden

🆕 blog! “How to prevent Payment Pointer fraud”

There's a new Web Standard in town! Meet WebMonetization - it aims to be a low effort way to help users passively pay website owners.

The pitch is simple. A website owner places a single new line in their HTML's <head> - something like this:

<link rel="monetization"…

👀 Read more: shkspr.mobi/blog/2025/03/how-t

#CyberSecurity #dns #HTML #standards #WebMonitization

Web Monetization The Web Monetization API allows websites to automatically and passively receive payments from Web Monetization-enabled visitors.
Terence Eden’s Blog · How to prevent Payment Pointer fraud
More from Terence Eden
Public
Opalsec :verified:

Our latest newsletter is out, get it while it's hot!

🗞️ opalsec.io/daily-news-update-f

Key stories:

🏥 Oracle's under fire: A breach at Oracle Health compromised patient data, with Oracle allegedly shifting responsibility to hospitals and avoiding documentation. This follows hot on the heels of denial regarding an alleged Oracle Cloud breach, raising serious questions about their security culture.

🛒 Clop's back in the headlines: Sam's Club - a Walmart subsidiary - is investigating claims of a Clop ransomware attack, potentially linked to the Cleo file transfer vulnerability that has already hit other organizations hard.

📡Don't miss this bizarre twist: Cable operator WideOpenWest (WOW!) is dealing with a breach claimed by Arkana Group, who are publicizing the stolen data (usernames, passwords, etc.) with a… Russian music video. The alleged attack vector? Infostealer malware.

Get up to speed with these stories and more: opalsec.io/daily-news-update-f

If you'd like to get the latest Cyber Security news wrapped up and delivered to your inbox every day, subscribe to our newsletter here!

📨opalsec.io/daily-news-update-f

Opalsec · Daily News Update: Saturday, March 29, 2025 (Australia/Melbourne)A breach at Oracle Health compromised patient data, with Oracle allegedly shifting responsibility to hospitals and avoiding documentation. A Walmart subsidiary is investigating claims of a Clop ransomware attack, potentially linked to the Cleo file transfer vulnerability.
#CyberSecurity#DataBreach#Ransomware
Public
Opalsec :verified:

Our latest newsletter is out, get it while it's hot!

🗞️ opalsec.io/daily-news-update-f

Key stories:

🏥 Oracle's under fire: A breach at Oracle Health compromised patient data, with Oracle allegedly shifting responsibility to hospitals and avoiding documentation. This follows hot on the heels of denial regarding an alleged Oracle Cloud breach, raising serious questions about their security culture.

🛒 Clop's back in the headlines: Sam's Club - a Walmart subsidiary - is investigating claims of a Clop ransomware attack, potentially linked to the Cleo file transfer vulnerability that has already hit other organizations hard.

📡Don't miss this bizarre twist: Cable operator WideOpenWest (WOW!) is dealing with a breach claimed by Arkana Group, who are publicizing the stolen data (usernames, passwords, etc.) with a… Russian music video. The alleged attack vector? Infostealer malware.

Get up to speed with these stories and more: opalsec.io/daily-news-update-f

If you'd like to get the latest Cyber Security news wrapped up and delivered to your inbox every day, subscribe to our newsletter here!

📨opalsec.io/daily-news-update-f

Opalsec · Daily News Update: Saturday, March 29, 2025 (Australia/Melbourne)A breach at Oracle Health compromised patient data, with Oracle allegedly shifting responsibility to hospitals and avoiding documentation. A Walmart subsidiary is investigating claims of a Clop ransomware attack, potentially linked to the Cleo file transfer vulnerability.
#CyberSecurity#DataBreach#Ransomware
Public *
Esk 🐌⚡💜

howdy, #hachyderm!

over the last week or so, we've been preparing to move hachy's #DNS zones from #AWS route 53 to bunny DNS.

since this could be a pretty scary thing -- going from one geo-DNS provider to another -- we want to make sure *before* we move that records are resolving in a reasonable way across the globe.

to help us to do this, we've started a small, lightweight tool that we can deploy to a provider like bunny's magic containers to quickly get DNS resolution info from multiple geographic regions quickly. we then write this data to a backend S3 bucket, at which point we can use a tool like #duckdb to analyze the results and find records we need to tweak to improve performance. all *before* we make the change.

then, after we've flipped the switch and while DNS is propagating -- :blobfoxscared: -- we can watch in real-time as different servers begin flipping over to the new provider.

we named the tool hachyboop and it's available publicly --> github.com/hachyderm/hachyboop

please keep in mind that it's early in the booper's life, and there's a lot we can do, including cleaning up my hacky code. :blobfoxlaughsweat:

attached is an example of a quick run across 17 regions for a few minutes. the data is spread across multiple files but duckdb makes it quite easy for us to query everything like it's one table.

screenshot of a console with a duckdb command that is selecting data from multiple parquet files in an s3 bucket across multiple folders. the resulting table has many rows with a timestamp, unique client ID, region, host it was querying, and the results provided by the DNS server that was queried.
#sre#devops#mastodon
Public
JP Mens

I’ve been asked a few times over the course of the same amount of days, what would happen if the powers that be began deleting top-level domains (TLDs) from the DNS system, and whether there is something we (e.g. Asians, Africans, Europeans, Canadians, South Americans, Australians, etc.) could do about it.

A very theoretical scenario, DNS edition

jpmens.net/2025/03/27/theoreti

jpmens.netJan-Piet Mens :: A very theoretical scenario, DNS edition
#dns
Public
Stefano Marinelli

Another round of “hey, your server is down!” drama from the "we need moar kubernetes!" crowd.

“I can’t reach your server, it must be down.”

I connect. Everything’s fine.

A few emails later, I ask to access the container. The dev says he can’t - doesn’t know how. He’s a nice guy, though, so he gives me the credentials.

I log in and find the issue: someone pushed a workload to production (cue Kubernetes! Moooaaarrr powaaaarrr! We have the cloud! Who needs sysadmins anymore?!) with DNS set to 192.168.1.1.

Of course, it fell to me to investigate, because the dev couldn’t even get a shell inside his container. And it's ok, as he's a dev - and just wants to be a dev.

Once I pointed it out, they rebuilt the container with the correct config and - TADA! - everything worked again.

Then he went to check other workloads (for other clients, not managed by me) that had been having issues for weeks... Same problem.

It was DNS.
But it wasn't DNS.

#IT#SysAdmin#DNS
Public
JP Mens

In today's edition of "Why The Fuck Does Debian Insist On Starting Daemons When I've Only Just Installed The Package And Not Yet Configured It?!", we present: NSD

#dns

(Yes, and I know there's a policy script somewhere.)

Public
Infoblox Threat Intel

For one reason or another, some domain registrars seem to attract threat actors. This leads to domains registered through these registrars having higher associated risk. Unlike TLD reputation scores, which are fairly consistent from month to month, registrar reputation scores can vary quite a bit month to month. In fact, this month's riskiest registrar, Dominit (HK) Ltd., increased from a score of 7 to 9 and jumped a whopping 29 spots to reach #1.

An explanation and minimum-working-example of our reputation algorithm can be found here: blogs.infoblox.com/threat-inte

The riskiest registrars for Mach 2025 as determined by Infoblox's publicly available reputation scoring algorithm
#dns#threatintel#cybercrime
Public *
🌻

Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit 🕵️‍♂️

Teilen er­be­ten ‼️ :BoostOK:

als PDF:

cryptpad.digitalcourage.de/fil

 #DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone  #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena  #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz

ExploreLive feeds
About