SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

theojulienne

#!/usr/bin/python
bpf_text = """
#include <linux/ptrace.h>
#include <linux/sched.h>        /* For TASK_COMM_LEN */

#include <linux/icmp.h>
#include <linux/netdevice.h>

struct probe_icmp_data_t
{

maxidorius

Notes on privacy and data collection of Matrix.org

---

This version of the document is no longer canonical. You can find the canonical version hosted at Gitlab and Github.

PART 2 IS OUT, INCLUDING THE DISCLOSURE OF A GLOBAL FEDERATION DATA LEAK, AND THE ANATOMY OF A GDPR DATA REQUEST HANDLED BY MATRIX.ORG. SEE THE REPOS ABOVE.

rgpublic

#!/bin/bash

## CAUTION:
## This script will remove (hopefully) all trace of the given room ID from
## your homeserver.db

## Do not run it lightly.

set -e

shokinn

#
# This script is depricated go to this repo to get the latest version:
#  https://github.com/shokinn/emby-updater
#
#
#
# If you still need the old (bash) version, you can find it in the older Versions of this gist.
#

marcan

/* SMBLoris attack proof-of-concept
 * 
 * Copyright 2017 Hector Martin "marcan" <marcan@marcan.st>
 *
 * Licensed under the terms of the 2-clause BSD license.
 *
 * This is a proof of concept of a publicly disclosed vulnerability.
 * Please do not go around randomly DoSing people with it.
 *
 * Tips: do not use your local IP as source, or if you do, use iptables to block

StevenACoffman

MicroService Proxy Gateway Solutions

Kong, Traefik, Caddy, Linkerd, Fabio, Vulcand, and Netflix Zuul seem to be the most common in microservice proxy/gateway solutions. Kubernetes Ingress is often a simple Ngnix, which is difficult to separate the popularity from other things.

Github Star Trend:

This is just a picture of this link from March 2, 2019

Originally, I had included some other solution

xvitaly

@echo off
echo Uninstalling KB3075249 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3075249 /quiet /norestart
echo Uninstalling KB3080149 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3080149 /quiet /norestart
echo Uninstalling KB3021917 (telemetry for Win7)
start /w wusa.exe /uninstall /kb:3021917 /quiet /norestart
echo Uninstalling KB3022345 (telemetry)
start /w wusa.exe /uninstall /kb:3022345 /quiet /norestart
echo Uninstalling KB3068708 (telemetry)

dnozay

Simple collection of Groovy scripts to help me maintain some Jenkins systems.

See also https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+Script+Console

Please comment & let me know if you have a fork / fixes you'd like to include.

openfirmware

ZFS Snapshots and PostgreSQL

I recently set up a host running Ubuntu 14.04 LTS, ubuntu-zfs, and PostgreSQL 9.3. Using the ZFS snapshot feature I was able to make a snapshot of the file system holding the PostgreSQL database, write the snapshot to a compressed file, transfer it to another Ubuntu 14.04 LTS host running ubuntu-zfs, restore it, and launch PostgreSQL using that data directory with all the data (seemingly) intact.

The database is very low-traffic, so I do not know how effective this strategy would be for a busier database.

I take no responsibility if you attempt this setup and it causes data loss or other issues. Use it at your own risk; this document is meant to explain a potential setup and open discussion about limitations and potential improvements.

First Host Setup