Searching txt.sour.is

Twts matching #attack
Sort by: Newest, Oldest, Most Relevant

JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more

⤋ Read More

Five quick hits: Behich puts Australia closer to World Cup qualification
Tony Popovic chooses substance over sparkle, Socceroos lack imagination in attack, and Aziz Behich provides an improbable wonder goal. These are five quick hits from Australia’s dramatic 1-0 defeat of Japan. ⌘ Read more

⤋ Read More

JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more

⤋ Read More

Man jailed for four years over stabbing of ‘good Samaritan’ former reality TV contestant
A man who “savagely” attacked and stabbed former Bachelorette contestant Paddy Colliar, who was working as a topless waiter at a 60th birthday party, has been jailed for at least four years. ⌘ Read more

⤋ Read More

Charge dropped against US conspiracy theorist linked to Wieambilla attack
Donald Day Jr — who regularly communicated with Wieambilla killers Gareth, Stacey, and Nathaniel Train — is facing charges relating to making alleged threats and violating firearms laws. ⌘ Read more

⤋ Read More

Drones can be ‘anywhere, anytime’: Ukraine attack marks new era in warfare
Military analysts say Ukraine’s audacious attack on Russian air bases marks the next phase in tactical drone warfare, and all countries — including Australia — need to take note. ⌘ Read more

⤋ Read More

Putin vows revenge for Ukraine’s drone attack, Trump warns after phone call
The US president and his Russian counterpart spoke for more than an hour but Donald Trump said it was “not a conversation that will lead to immediate peace”. ⌘ Read more

⤋ Read More

This is the Socceroos’ most important week in years — but best attack still a mystery
Despite a historic A-League season for young Australian forwards, Tony Popovic has trusted in the tried and true for this week’s crunch matches against Japan and Saudi Arabia as World Cup qualification beckons. ⌘ Read more

⤋ Read More

Queensland croc attack survivor joins calls for removal, culling
A father of two who managed to fight off a monster croc by stabbing it in the neck has voiced his support for a petition to more strictly control the animals in his region. ⌘ Read more

⤋ Read More

Images reveal aircraft lost in Ukraine’s ‘Spider’s Web’ attack on Russia
Operation Spider’s Web saw Ukraine reach deep into Russia and attack some of its most precious war machines. Images showing the damage inflicted are now beginning to emerge. ⌘ Read more

⤋ Read More

DNS rebinding attacks explained: The lookup is coming from inside the house!
DNS rebinding attack without CORS against local network web applications. Explore the topic further and see how it can be used to exploit vulnerabilities in the real-world.

The post [DNS rebinding attacks explained: The lookup is coming from inside the house!](https://github.blog/security/application-security/dns-rebinding-attacks-explained-the-lookup-is-coming-from- … ⌘ Read more

⤋ Read More

Man sentenced for attacking housemate, stealing dog from pound
Kyle Hiscox broke into Domestic Animal Services ACT to steal his own dog Nova, and then attacked a housemate with a hockey stick, leaving the victim so scarred they left Canberra. ⌘ Read more

⤋ Read More

Putin likes to have the upper hand, but before Istanbul Zelenskyy played an ace
Vladimir Putin and Volodymyr Zelenskyy sent delegates to Istanbul to talk peace, but a day prior Ukraine sent its strongest signal to Russia and any third-party brokers: The war is not lost, writes Emily Clark. ⌘ Read more

⤋ Read More

Teens who attack rugby great during home invasion have sentences upheld
The boy — aged 15 at the time of the offence — were sentenced to seven and eight years in prison respectively after attacking rugby union great Toutai Kefu and his family at their home. ⌘ Read more

⤋ Read More

Colorado terror attack suspect charged with hate crime
FBI documents allege Mohamed Sabry Soliman used a makeshift flamethrower and threw Molotov cocktails at a pro-Israel group in an attack he says he planned for more than a year. ⌘ Read more

⤋ Read More

Hundreds walk in solidarity after ‘unspeakable’ attack on running woman
Hundreds of Canberrans take part in a solidarity walk to show support for a woman grabbed from behind and assaulted while running at the Mulligan’s Flat Nature Reserve in Bonner last Monday. ⌘ Read more

⤋ Read More

What we know about the suspected ‘terror attack’ at the Colorado mall
Six people are injured after an attack on a group of people raising awareness about Israeli hostages held in Gaza. The FBI is treating the incident in Boulder, Colorado, as an act of terrorism but local police are refusing to speculate on the motive. ⌘ Read more

⤋ Read More

22yo woman dies in Darwin hospital after alleged domestic violence attack
A 22-year-old woman has died at Royal Darwin Hospital 10 days after an alleged domestic violence attack. A man has been charged as police continue to investigate. ⌘ Read more

⤋ Read More

FBI investigating ‘targeted terror attack’ in Colorado
Local police in Boulder, Colorado and FBI agents establish an evacuation zone at a popular pedestrian area, where authorities say “several victims” have been targeted. ⌘ Read more

⤋ Read More

[$] Glibc project revisits infrastructure security
The GNU C Library
(glibc) is the core C library for most Linux distributions, so it is a
crucial part of the open-source ecosystem—and an attractive
target for any attackers looking to carry out supply-chain
attacks. With that being the case, securing the project’s
infrastructure using industry best practices and improving the
security of its development practices are a frequent topic among glibc
developers. A recent discussion suggests that improveme … ⌘ Read more

⤋ Read More

[$] System-wide encrypted DNS
The increasing sophistication of attackers has organizations
realizing that perimeter-based security models are inadequate. Many
are planning to transition their internal networks to a zero-trust\
architecture. This requires every communication on the network to
be encrypted, authenticated, and authorized. This can be achieved in
applications and services by using modern communication
protocols. However, the world still depends on Domain Name Syste … ⌘ Read more

⤋ Read More

Did Harvard reject Barron Trump? Truth behind his college choice has sparks buzz online
,    -  The Economic Times (India)

_Stephan: I have been following closely Trump’s attack on Harvard. At one level it is clearly part of MAGAt coup to intimidate or take over universities, so they do what the MAGAt fascists want, indoctrinate instead of educate. But there is something weird and personal about what Trump is doing and saying. According … ⌘ Read more

⤋ Read More

[$] Injecting speculation barriers into BPF programs
The disclosure of the Spectre\
class of hardware vulnerabilities created a lot of pain for kernel
developers (and many others). That pain was especially acutely felt in the
BPF community. While an attacker might have to painfully search the kernel
code base for exploitable code, an attacker using BPF can simply write and
load their own speculation gadgets, which is a much more efficient way of
operating. The BPF comm … ⌘ Read more

⤋ Read More

So, the “AI” bots have reached my website. Looks like they’re just slowly crawling everything at the moment – no DDoS-like attack yet. I wonder if that has something to do with my website being 100% static HTML. There are no GET parameters they can tweak and, at the end of the day, there’s not that much data on my server anyway … And maybe they have no idea what stagit is, so it doesn’t trigger “standard behavior”, like “this is a Gitea instance, let’s crawl this like crazy!”?

⤋ Read More

CNCF Announces Graduation of in-toto Security Framework, Enhancing Software Supply Chain Integrity Across Industries
NYU Tandon-developed software security framework achieves highest CNCF maturity level, combating rising software supply chain attacks SAN FRANCISCO, CA, April 23, 2025 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native… ⌘ Read more

⤋ Read More

Also, I should cut down on coffee. Seriously, I’ve nearly had a … I honestly don’t know what it was; A Panic attack? A heart attack? I dunno, I just felt like my heart and lungs were so about to burst I had to go for a run to cope.

⤋ Read More

‘Deep red rural America’ hurts most as Trump attacks on liberal programs backfire: report
Jennifer Bowers Bahney,  Contributing Writer  -  Raw Story

_Stephan: Just as I, and many others have predicted, MAGAt world is going to experience the worst effects of the Trump coup and dismantlement of the economy and government. And in many ways, MAGAt voters didn’t even think about that when they voted. Here is an example of what I mean. I think … ⌘ Read more

⤋ Read More
In-reply-to » @prologic @bender @eapl.me I think opening another file is a bad idea because it adds complexity to the clients, breaks the single feed and I think keeping legacy clients will be more complex to add new features in the future. A modern approach is important. I'll be honest, I'm a bit tired of the fight around the direct message. Perhaps, we can remove it as an extension and use the alternative @prologic . My suggestion apparently doesn't like to the community. I have no problem with remove it.

@eapl.me@eapl.me This is one of my concerns too. The moment you post publicly ciphertext, you open yourself up for future attacks on the ciphertext, which you really want to avoid if you can. If you have a read of the Salty.im Spec you’ll note we went to great lengths to protect the user’s privacy as well as their identity and make it incredibly hard to guess at inboxes. It’s still a WIP, but I’d love to see it progressed even further – I truly feel strongly about a purely decentralised messaging ecosystem 👌

⤋ Read More