Yearly Archives: 2024

NICGIGA S100-0800T Review The Cheap Unmanaged 8-port 10Gbase-T Switch

Post Syndicated from Rohit Kumar original https://www.servethehome.com/nicgiga-s100-0800t-review-the-cheap-unmanaged-8-port-10gbase-t-switch-realtek/

In our NICGIGA S100-0800T review, we see how this $222 unmanaged 8-port 10Gbase-T switch delivers 10GbE speeds so cheaply

The post NICGIGA S100-0800T Review The Cheap Unmanaged 8-port 10Gbase-T Switch appeared first on ServeTheHome.

Седмицата (1–6 юли)

Post Syndicated from Боряна Телбис original https://www.toest.bg/sedmitsata-1-6-yuli/

Седмицата (1–6 юли)

По всяка вероятност вървим към нови парламентарни избори наесен, както коментира в текста си за „Тоест“ и Емилия Милчева. В тази връзка 50-тото Народно събрание съвсем спокойно можеше да е имейл. Да разпратят до всички заинтересовани (и бездруго не са много предвид избирателната активност) и да се приключва. 

Може и да е рийл. Или стори. Най-добре рийл на стори и да изчезне за 24 часа. 

Освен ако, разбира се, не говорим за сериала „Величие“. Там по-интересно не може да стане. Жалко, че първи сезон приключва, но съспенсът остава.

Предлагам синопсис на първи епизод от сезон 2:

Ивелин Михайлов е в тронната зала на „Исторически парк“, който се е превърнал в цитаделата на Обединено кралство Ветрино. След обявяването на автономността първоначалният замисъл за република е набързо изместен от далеч по-внушителната концепция за кралство, като за целта са присъединени Албена, Златни пясъци и Св. св. Константин и Елена, защото е изключително важно да имаме излаз на море (когато нямаме три морета, и три излаза на едно и също море вършат работа). 

Зрителят усеща мотивацията, която ще движи героя през целия сезон – вътрешният импулс идва от самотата, родена от предателството. Доскорошният верен съратник на Ивелин Михайлов – Николай Марков, известен като Полковника, вече е предател. Стореното в студиото на bTV в миналия сезон е непростимо. 

И тъкмо когато Ивелин посяга унило към насъщните фъстъци, през вратата на тронната зала влетява вестител, облечен с ризница и препасъл меч (ние ларпаджии ли сме, или какво!). Задъханият придворен успява да каже ТОЙ Е ТУК и се строполява в несвяст в нозете на владетеля. 

Ивелин хвърля поглед през тройния стъклопакет и вижда пред портите на кралството си Делян Пеевски начело на добре въоръжена преторианска гвардия. С трепереща десница отваря прозореца, за да чуе призива на Повелителя на седемте парламента. 

„Ивелине, слез да поговорим, нищо няма да ти направя!“

Тук епизодът свършва и започва тийзър за следващия със заявка за много динамика, трилър, екшън сцени, неочаквани обрати, но и забавни моменти с някой и друг романтичен елемент.

Във връзка с горното, но и някак напълно сериозно призовавам последните четири години от обществения живот в страната да НЕ се преподават по история, когато някога в неопределеното бъдеще се стигне до евентуалното им изучаване. 

Защото ще е сеч. 

Никой няма да може да се оправи с броя на изборите, парламентите и министър-председателите. Нека да ги наречем „Тъмни векове“ и да си стиснем ръцете за по-светло бъдеще.

Него го чакаме на крилете на изкуствения интелект, защото вярата в естествения все повече ни куца. За технологиите от семейството на изкуствения интелект и за „приятелското“ рамо, което могат да предложат на съвременния човек, разказва Веселин Райчев, един от създателите на BgGPT, в разговор с Йовко Ламбрев.

С вярата е обвързан по някакъв начин и тазседмичният текст на Светла Енчева. „Трябва ли неправославните да се интересуват от БПЦ?“, пита тя и даже дава отговори.

С такива аз напоследък тотално не разполагам почти по никакви теми и особено по въпроси като „За какво мисли човек?“. Какво щастие, че тази седмица в рубриката „На второ четене“ Стефан Иванов ни предлага сборника с разкази от украинския писател Васил Габор – „За какво мисли човек“!

Ако приема по-сериозно задачата да дам отговор на горния въпрос, то той е, че в момента мисля как да не забравя да отбележа текстовете от трите специални поредици, които имаме възможността да публикуваме в „Тоест“. И затова директно ги спускам за ваше сведение.

Едната е от Еми Барух, която наскоро се върна от Израел и в рамките на три материала (интервю с Етгар Керет и два репортажа от протестите срещу Нетаняху в Тел Авив и от опустошените кибуци на 7 октомври 2023 г.) споделя реални впечатления от случващото се в страната в момента. Тази седмица излезе вторият ѝ текст – „Раната Израел“

Другата поредица е от Николета Атанасова, която в пет поредни статии ще ни запознае със съдбите на руски граждани, потърсили в България убежище и спасение от режима на Владимир Путин. Първата история е на Александър Стоцки.

А третата поредица вече тече с пълна сила и носи хлад от Севера с текстове от Светла Стоянова. Тази седмица рубриката ѝ продължава с увлекателен разказ и дневникови бележки за Фарьорските острови.

А аз не мисля да продължавам повече с този бюлетин, затова приключвам с любезното напомняне, че „Тоест“ все още съществува благодарение само и единствено на дарения от своите верни читатели поради липса на посолства, които искат да ни „осиновят“. Може би да се надяваме на нещо от Обединено кралство Ветрино, в случай че синопсисът от по-горе се е харесал, но дотогава разчитаме само на вас и ви благодарим сърдечно за подкрепата.

Регистрирайте месечно дарение

Lanner NCA-1515A Review This is the Home Lab Deal of the Year

Post Syndicated from Patrick Kennedy original https://www.servethehome.com/lanner-nca-1515a-review-is-the-home-lab-deal-of-the-year-intel-transcend-qualcomm/

In our Lanner NCA-1515A review, we see how this box with awesome networking options might be one of the better home lab buys we had this year

The post Lanner NCA-1515A Review This is the Home Lab Deal of the Year appeared first on ServeTheHome.

Metasploit Weekly Wrap-Up 07/05/2024

Post Syndicated from Christophe De La Fuente original https://blog.rapid7.com/2024/07/05/metasploit-wrapup-75/

I still like to MOVEit MOVEit

Metasploit Weekly Wrap-Up 07/05/2024

This week, our very own sfewer-r7 added a new exploit module that leverages an authentication bypass vulnerability in the MOVEit Transfer SFTP service (CVE-2024-5806). It is possible to authenticate to the SFTP service as any user as long as a valid username is known and the "Remote Access Rules" allows the attacker IP address. On successful attack, it is possible to access any file on the SFTP server that the user has permission to access. The module lets you list directories and display (or download) files.

The following version of MOVEit Transfer are affected:

  • MOVEit Transfer 2023.0.x (fixed in 2023.0.11)
  • MOVEit Transfer 2023.1.x (fixed in 2023.1.6)
  • MOVEit Transfer 2024.0.x (fixed in 2024.0.2)

New module content (3)

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

Author: sfewer-r7
Type: Auxiliary
Pull request: #19295 contributed by sfewer-r7
Path: gather/progress_moveit_sftp_fileread_cve_2024_5806
AttackerKB reference: CVE-2024-5806

Description: This module exploits an authentication bypass vulnerability in the MOVEit Transfer SFTP service. The vulnerable versions are MOVEit Transfer 2023.0.x until 2023.0.11; MOVEit Transfer 2023.1.x until 2023.1.6; MOVEit Transfer 2024.0.x until 2024.0.2; allowing to list remote directories and reading files without authentication.

Zyxel parse_config.py Command Injection

Authors: SSD Secure Disclosure technical team and jheysel-r7
Type: Exploit
Pull request: #19204 contributed by jheysel-r7
Path: linux/http/zyxel_parse_config_rce
AttackerKB reference: CVE-2023-33012

Description: This adds an exploit module that leverages multiple vulnerabilities in order to obtain pre-auth command injection on multiple VPN Series Zyxel devices.

Azure CLI Credentials Gatherer

Authors: James Otten and h00die
Type: Post
Pull request: #10113 contributed by james-otten
Path: multi/gather/azure_cli_creds

Description: This post module allows to exfiltrate azure tokens and configurations from old azure-cli versions using unencrypted formats.

Enhancements and features (2)

  • #19287 from adeherdt-r7 – Updates the auxiliary/scanner/redis/redis_login module to support Redis 6.x.
  • #19297 from adeherdt-r7 – Improves the Redis login brute force functionality to better detect when auth is not required for the target.

Bugs fixed (3)

  • #19252 from zgoldman-r7 – Improves error logging for unhandled exceptions for login scanners.
  • #19285 from dledda-r7 – This fixes an issue with the Meterpreter’s sysinfo command that was failing when the current working directory was deleted.
  • #19289 from h00die – Updates the post/linux/gather/apache_nifi_credentials module to now support extracting nifi.properties values that contain hyphens.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro

UK election day 2024: traffic trends and attacks on political parties

Post Syndicated from João Tomé original https://blog.cloudflare.com/uk-election-day-2024-traffic-trends-and-attacks-on-political-parties


The 2024 UK general election, the first since Brexit officially began (January 31, 2020) and after 14 years of Conservative leadership, saw the Labour Party secure a majority. This blog post examines Internet traffic trends and cyberattack activity on election day, highlighting notable declines in traffic during the afternoon and evening as well as a DDoS attack on a political party shortly after polls closed.

For context, 2024 is considered “the year of elections,” with elections taking place in over 60 countries. We’ve covered elections in South Africa, India, Iceland, Mexico, the European Union, France, and also the 2024 US presidential debate. We also continuously update our election report on Cloudflare Radar.

The UK’s snap election on Thursday, July 4, 2024, typical of British Thursday weekday elections, contrasts with weekend elections in other countries. Polling stations were open from 07:00 to 22:00.

Generally, election days do not result in drastic changes to Internet traffic. Traffic typically dips during voting hours but not as sharply as during major events like national holidays, and rises in the evening as results are announced.

On July 4, 2024, traffic initially rose slightly from the previous week, then fell around noon (-2%). Significant declines began only after 16:00, with noticeable drops at 16:45 and again at 22:00 as polls closed.

Internet traffic dips across UK countries

Traffic shifts during voting day, compared to the previous week, are more revealing when viewed in detail. The map and table below summarize the traffic changes observed at the country level within the UK, where the greatest impact was observed in Northern Ireland (-10%), followed by Scotland (-6%), Wales (-5%), and England (-3%), all after 16:00.

Country Drop in traffic (%) Time of drop in traffic (local)
Northern Ireland -10% July 4, 16:00
Scotland -6% July 4, 20:00
Wales -5% July 4, 17:00
England -3% July 4, 16:00

Next, examining the day’s traffic changes, we observed a clear drop in Northern Ireland around 13:00 local time and during off-work hours between 16:00 and 20:00, before it began to increase again.

In Scotland, traffic fell by about 5% from 16:00 to 21:00 local time compared to the previous week.

In Wales, decreases occurred at 07:00 (4% drop), between 16:00 and 18:00 (around 5% drop), and at 21:00.

And in England, traffic decreased by approximately 3% between 16:00 and 18:00 and about 2% between 20:00 and 22:00.

In all the countries within the UK, traffic clearly increased after 23:00 local time when the voting polls had already closed and the first results started to arrive. Peak increases were reached at different times: Wales saw a 3% increase at 01:00; Northern Ireland and England experienced their highest increases of 12% and 11% respectively at 02:00; and Scotland had a 9% increase at 02:00 followed by a 12% spike at 04:00.

DNS trends: news outlets bring results

Switching focus to domain trends, our 1.1.1.1 resolver DNS data reveals a more targeted impact from the UK elections. Analyzing the participating parties, DNS traffic significantly increased on election day, peaking at 22:00 and midnight local time (up to 600% growth), and then again at 04:00 (671%).

Among the main parties, Labour, led by Keir Starmer, outperformed the Conservative Party on election day. Labour’s DNS traffic spiked at 22:00 local time, with an 866% increase from the previous week.

Analyzing official government and election-related websites, the UK differs from other countries in how results are shared. Official results weren’t continuously updated as they came in. The largest spike in DNS traffic, a 172% increase from the previous week, occurred on election morning around 07:00 local time. This increase likely happened because UK citizens were searching for the correct polling stations and other voting resources.

News sites and microblogging social media platforms in the UK experienced significant increases in usage after the polling stations closed at 22:00 local time. In the UK, news sites not only provide initial projections but also final results. DNS traffic for UK news media outlets surged 74% compared to the previous week, peaking at 104% at midnight and 04:00.

For microblogging social media in Great Britain, traffic was already 25% higher than the previous week when the polls closed (22:00), peaking at 27% at midnight and remaining elevated through the night.

We saw last week in the US, during the Biden vs Trump debate, that video streaming social platforms such as YouTube or TikTok, were used to watch through news outlets channels the debate live, with DNS traffic surging. How about the UK? DNS traffic was 10% higher than in the previous week starting at midnight, and at 01:00 local time was 15% higher.

Attacks: political parties included impact

Focusing on attacks, those are usually constant, and aren’t necessarily driven always by elections. But, as we’ve seen at the start of the war in Ukraine or more recently in the Netherlands or in France, specific events do trigger attacks. DDoS (Distributed Denial of Service) attacks remain a common method employed by attackers.

In recent days, there has been DDoS activity targeting political parties in the UK that participated in these elections. Our data shows that two parties experienced attacks that were blocked by Cloudflare. One party, represented in blue, suffered an attack on June 16, which lasted over four hours and peaked at 60,000 requests per second (rps).

The party shown in yellow was hit by four DDoS attacks on different days: June 13, 19, 26, and in the early hours of July 5 (UTC), just after the election’s first predictions were broadcast, giving a majority to the Labour Party. This was the most significant attack in recent days, peaking at 156,000 rps. It began at 01:47 local time (00:47 UTC) and ended four minutes later. Here’s a closer look at that July 5, 2024, attack:

Although these rates are small on Cloudflare’s scale, they can be devastating for unprotected websites unaccustomed to such levels of traffic.

Conclusion: high intensity election year

Even if major political events don’t always bring notable changes to Internet traffic, our data shows that in the UK, traffic decreased more significantly in the afternoon and evening, especially as voting stations remained open until 22:00.

After voting ended, news sites became the go-to resource for UK residents seeking initial predictions and results.

We also observed attacks targeting political parties in the UK, further highlighting that this election year is marked by cyberattacks aimed at influencing politically related websites.

If you want to follow more trends and insights about the Internet and elections in particular, you can check Cloudflare Radar, and more specifically our new 2024 Elections Insights report, which will be updated as elections take place throughout the year.

[$] New features in C++26

Post Syndicated from daroc original https://lwn.net/Articles/979870/

ISO releases new C++
language standards on a three-year cadence; now that it’s been
more than a year since the finalization of
C++23, we have a good idea of what

features could be adopted for
C++26 — although proposals can
still be submitted until January 2025. Of particular interest is the addition of
support for

hazard pointers and

user-space read-copy-update (RCU).
Even though C++26 is not yet a standard, many of the proposed features are already
available to experiment with in GCC or Clang.