Je suis pas un gros "viewer" sur Twitch, mais quand je peux, je regarde #Proxy d'@arretsurimages.

Là, suis dèg', j'ai raté celui du 1er avril en live, mais on le peut voir replay.

Ça parle du rapport sur la pub qui a fuité après avoir "calé une table" quelques mois dans le bureau du 1er ministre.

J'aime bien que @lorisguemart rappelle, à chaque fois qu'il aborde l'ARPP, que c'est une association et pas une "Autorité" .

(c'est d'ailleurs rappelé dans ledit rapport)

https://www.arretsurimages.net/articles/climat-un-rapport-explosif-veut-interdire-des-pubs-les-medias-peu-interesses

Latest Mustang Panda Arsenal: Toneshell, StarProxy, PAKLOG, CorKLOG, and SplatCloak

Mustang Panda, a threat actor group, has developed new tools including two keyloggers (PAKLOG and CorKLOG) and an EDR evasion driver (SplatCloak). PAKLOG monitors keystrokes and clipboard data, using a custom encoding scheme. CorKLOG captures keystrokes, encrypts data with RC4, and establishes persistence through services or scheduled tasks. SplatCloak disables kernel-level notification callbacks for Windows Defender and Kaspersky drivers, employing obfuscation techniques like control flow flattening and mixed boolean arithmetic. Along with those tools, the group has been observed using updated versions of ToneShell and a new tool called StarProxy. ToneShell, a backdoor, now features changes in its FakeTLS C2 communication protocol and client identifier storage methods. StarProxy, a lateral movement tool, uses the FakeTLS protocol to proxy traffic and facilitate attacker communications.

Pulse ID: 6800148cd0bb0e7851cc6218
Pulse Link: https://otx.alienvault.com/pulse/6800148cd0bb0e7851cc6218
Pulse Author: AlienVault
Created: 2025-04-16 20:35:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Inside BRUTED: Black Basta (RaaS) Used Automated Brute Forcing Framework to Target Edge Network Devices

Black Basta, a ransomware-as-a-service group, has been using an automated brute forcing framework called BRUTED to target edge network devices since 2023. The framework performs internet scanning and credential stuffing against firewalls and VPN solutions in corporate networks. Black Basta prioritizes high-impact industries, particularly the Business Services sector, to amplify operational disruptions. The group's internal communications were leaked, exposing their infrastructure and operational details. BRUTED targets various remote-access and VPN solutions, using proxy rotation, credential generation, and distributed execution to scale attacks. Black Basta exploits vulnerabilities in edge devices for initial access, then targets ESXi hypervisors to encrypt file systems and disrupt virtual machines, maximizing operational impact and ransom leverage.

Pulse ID: 67ffc3faf1eadb11b97d2f1b
Pulse Link: https://otx.alienvault.com/pulse/67ffc3faf1eadb11b97d2f1b
Pulse Author: AlienVault
Created: 2025-04-16 14:51:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

The developers of the mitmproxy tool describe it as the Swiss army knife for debugging, testing, data protection analysis, and penetration testing HTTP(S) connections. Holger Reibold shows you how mitmproxy can be a useful addition to your security toolbox.
https://www.admin-magazine.com/Archive/2025/85/Traffic-analysis-with-mitmproxy?utm_source=mlm
#OpenSource #mitmproxy #debugging #testing #security #proxy #MITM

How Proxy Browsers Work: A Step-by-Step Guide to Online Anonymity https://visualmodo.com/how-proxy-browsers-work/ #Proxy #Browsers #Guide #Anonymity

Install and Configure #SOCKS #Proxy Server on Rocky Linux VPS

This article provides a guide for how to install and configure SOCKS proxy server on Rocky Linux VPS.

In this tutorial, we'll go through the process of installing and configuring a SOCKS proxy server on a Rocky Linux VPS. We will also discuss enabling SSH tunnelling from a PC using the SOCKS proxy server. This will allow you to route your ...
Continued https://blog.radwebhosting.com/install-and-configure-socks-proxy-server-on-rocky-linux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #installguide #proxyserver #vpsguide #rockylinux

How to Setup a Reverse #Proxy with HTTPS Using #Nginx and #Certbot (5 Minute Quick-Start Guide)

This article outlines how to setup a reverse proxy with HTTPS using Nginx and Certbot.
What is a Reverse Proxy?
A reverse proxy is a server that sits between client devices and a backend server, forwarding client requests to the backend server and returning the server's response to the clients. Unlike a forward proxy, ...
Continued https://blog.radwebhosting.com/how-to-setup-a-reverse-proxy-with-https-using-nginx-and-certbot-5-minute-quick-start-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #reverseproxy #proxyserver #letsencrypt

7 Steps to Easily Configure #OpenLiteSpeed as a Reverse #Proxy for #Metabase

OpenLiteSpeed Web Server is great for building and deploying web applications. The WebAdmin Console enables you to quickly configure features that allow you to deliver a fast web application that your users will love.

Metabase is a business intelligence web application that can be deployed on an ...
Continued https://blog.radwebhosting.com/configure-openlitespeed-as-a-reverse-proxy-for-metabase/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #installguide #openjdk #proxyserver #reverseproxy #jre #letsencrypt

Just released: #swad v0.2

SWAD is the "Simple Web Authentication Daemon", meant to add #cookie #authentication with a simple #login form and configurable credential checker modules to a reverse #proxy supporting to delegate authentication to a backend service, like e.g. #nginx' "auth_request". It's a very small piece of software written in pure #C with as little external dependencies as possible. It requires some #POSIX (or "almost POSIX", like #Linux, #FreeBSD, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.

Currently, the only credential checker module available offers #PAM authentication, more modules will come in later releases.

swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:

https://github.com/Zirias/swad/releases/tag/v0.2

New blog post

𝐂𝐨𝐧𝐟𝐢𝐠𝐮𝐫𝐢𝐧𝐠 𝐀𝐒𝐏.𝐍𝐄𝐓 𝐂𝐨𝐫𝐞 𝐅𝐨𝐫𝐰𝐚𝐫𝐝𝐞𝐝 𝐇𝐞𝐚𝐝𝐞𝐫𝐬 𝐌𝐢𝐝𝐝𝐥𝐞𝐰𝐚𝐫𝐞

Running ASP.NET Core behind a proxy?

Then you need to configure ForwardedHeadersMiddleware the right way.

Trust proxy IPs
Handle X-Forwarded-* headers
Avoid broken IPs, schemes & hosts

Read it https://nestenius.se/net/configuring-asp-net-core-forwarded-headers-middleware/

How ToddyCat tried to hide behind AV software

The ToddyCat APT group has developed a sophisticated tool called TCESB to stealthily execute payloads and evade detection. This tool exploits a vulnerability (CVE-2024-11859) in ESET Command line scanner for DLL proxying, using a modified version of the open-source EDRSandBlast malware. TCESB employs techniques like DLL proxying, kernel memory manipulation, and Bring Your Own Vulnerable Driver (BYOVD) to bypass security solutions. It searches for kernel structure addresses using CSV or PDB files, installs a vulnerable Dell driver, and decrypts AES-128 encrypted payloads. The discovery highlights the need for monitoring driver installations and Windows kernel debug symbol loading events to detect such sophisticated attacks.

Pulse ID: 67f3cb12758e286216442770
Pulse Link: https://otx.alienvault.com/pulse/67f3cb12758e286216442770
Pulse Author: AlienVault
Created: 2025-04-07 12:54:42

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

3 Easy Steps to Integrate Monitoring Tools for #Apache Reverse #Proxy Server

This article provides a step-by-step guide to integrate monitoring tools for Apache reverse proxy server. Integrating monitoring tools with your Apache reverse proxy server setup allows you to track performance, detect issues, and optimize your infrastructure efficiently.
How to Integrate Monitoring Tools for Apache Reverse Proxy Server
Below, ...
Continued https://blog.radwebhosting.com/3-easy-steps-to-integrate-monitoring-tools-for-apache-reverse-proxy-server/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #reverseproxy #proxyserver

Ah, another day, another #overengineered tool nobody asked for . Meet Zxc, the #Rust TLS #proxy that forces you to wrestle with #tmux and #Vim while pretending it's a BurpSuite alternative . Because who doesn't want to intercept #traffic with a #UI straight out of the '90s?
https://github.com/hail-hydrant/zxc #tools #interception #retro #HackerNews #ngated

Zxc – Rust TLS proxy with tmux and Vim as UI, BurpSuite alternative

https://github.com/hail-hydrant/zxc

How to Setup a Reverse #Proxy with HTTPS Using #Nginx and #Certbot (5 Minute Quick-Start Guide)

This article outlines how to setup a reverse proxy with HTTPS using Nginx and Certbot.
What is a Reverse Proxy?
A reverse proxy is a server that sits between client devices and a backend server, forwarding client requests to the backend server and returning the server's response to the clients. Unlike a forward proxy, ...
Continued https://blog.radwebhosting.com/how-to-setup-a-reverse-proxy-with-https-using-nginx-and-certbot-5-minute-quick-start-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #proxyserver #reverseproxy #letsencrypt

Fake Zoom Ends in BlackSuit Ransomware

A malicious website mimicking Zoom led to the installation of a trojanized installer, initiating a multi-stage attack. The initial payload, d3f@ckloader, downloaded additional components, including SectopRAT. After nine days, the threat actor deployed Brute Ratel and Cobalt Strike beacons for lateral movement. They used various techniques for discovery and credential access, including LSASS memory dumping. The attacker employed QDoor for proxying RDP connections, facilitating data collection and exfiltration via the cloud service Bublup. The intrusion culminated in the deployment of BlackSuit ransomware across multiple systems using PsExec, with a total time to ransomware of 194 hours over nine days.

Pulse ID: 67ea2ad332f874a45a095bed
Pulse Link: https://otx.alienvault.com/pulse/67ea2ad332f874a45a095bed
Pulse Author: AlienVault
Created: 2025-03-31 05:40:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

If you want to browse to #onion sites without the #Tor browser, try

https://torry.io

A search engine and proxy

7 Steps to Easily Configure #OpenLiteSpeed as a Reverse #Proxy for #Metabase

OpenLiteSpeed Web Server is great for building and deploying web applications. The WebAdmin Console enables you to quickly configure features that allow you to deliver a fast web application that your users will love.

Metabase is a business intelligence web application that can be deployed on an ...
Continued https://blog.radwebhosting.com/configure-openlitespeed-as-a-reverse-proxy-for-metabase/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #reverseproxy #proxyserver #openjdk #jre #letsencrypt #installguide