@JEBofChristTheLord @MattTheQuick #LinuxMint is actually a pitfall in terms of #digitalRights. They have jailed their docs in an exclusive walled garden & if you try to simply read the forum content from the Tor network they push a #Sucuri blockade:

@dsfgs @funkybuddha I did a quick skim through it and superficially it looks quite well worded. It would be interesting to know rationale for tagging each digital feudalist & not tagging. Criteria is not stated. I saw no mention of #Sucuri, which is a Tor-hostile gatekeeper (though perhaps small). I get the impression the only criteria is an actor’s size, not behavior.

Here is a tip for infosec-people looking for a list of unwanted characters when writing "deny"-Lists/Jails (e.g. with #fail2ban). So you can block some unwanted bots/scanners and some script kiddies.

#infosec #security #ids #web

Article from #sucuri: Bad Paths & The Importance of Using Valid URL Characters
https://blog.sucuri.net/2023/01/bad-paths-the-importance-of-using-valid-url-characters.html

Hier ein Tipp für #ITlers, die beim Schreiben von "deny"-Listen/Jails (z.B. mit #fail2ban) nach einer Liste von unerwünschten Zeichen suchen. So kann man einige unerwünschte Bots/Scanners und einige #Scriptkiddie blockieren.

Artikel von #sucuri: Bad Paths & The Importance of Using Valid URL Characters.

URL: https://blog.sucuri.net/2023/01/bad-paths-the-importance-of-using-valid-url-characters.html

Note that #Cloudflare’s fedi host (noc.social) is still tied to perniciously blind Tor-hostility: #Sucuri

Oltre 15.000 siti sono stati compromessi per avvelenare la SEO

Gli analisti di #Sucuri hanno scoperto una massiccia campagna di #hacking in cui sono stati violati circa 15.000 siti, per lo più #WordPress.

Gli aggressori utilizzano risorse compromesse per la “#seo #blackhat”, aggiungendo circa 20.000 file a ciascun sito e reindirizzando i visitatori a falsi #forum di domande e risposte.

I #ricercatori ritengono che con l’aiuto di questi file, gli aggressori stiano cercando di aumentare il numero di pagine da indicizzare su #Google e quindi migliorare il posizionamento dei loro siti #fake.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://lnkd.in/dFeikwEJ

Published a blog on what turns out to be one of the oldest (and possibly largest) WordPress malware campaigns with some data from our friends at #Sucuri

https://www.malwarebytes.com/blog/threat-intelligence/2022/11/spectrepoint

Nice blog by Ben from #Sucuri:
https://blog.sucuri.net/2022/11/massive-ois-is-black-hat-redirect-malware-campaign.html

Hacked sites are redirecting to bogus Q&A pages.

They also abuse a Google open redirect.

Rules for #EKFiddle updated to detect this campaign: https://github.com/malwareinfosec/EKFiddle

shit… warning folks: the cbbc.org link is a #Sucuri link! Sorry, I should have DM’d that to MG before posting.

@wzqtparor @alf Can’t read the article (fucked up #Sucuri site). So with only the headline to go on, my question would be how do you propose stopping misgendering without punishment? What is the punishment & what would be a more effective deterrant?

If you visit the #Lynx homepage using a graphical browser over Tor, a #Sucuri blockade denies access. But if you run “torsocks lynx https://lynx.invisible-island.net/lynx.html” suddenly your Tor IP becomes acceptible to their access rules. #crappyDesign by #selectiveSecurity

I ricercatori di sicurezza informatica di #Sucuri hanno scoperto una massiccia campagna che ha compromesso migliaia di siti Web #WordPress iniettando codice JavaScript dannoso che reindirizza i visitatori a contenuti truffa
Di Pierluigi #Paganini su #securityaffairs
https://securityaffairs.co/wordpress/131202/hacking/wordpress-websites-hacking-campaign.html