https://www.theregister.com/2026/01/21/curl_ends_bug_bounty/
(I will blog about the details next week)
If you’re using Azure Front Door WAF, make sure you select the correct IP match variable or you’re gonna have a bad time.
Here’s a standalone tool you can run from CloudShell to check for insecure Front Door WAF rules that utilize RemoteAddr.
https://github.com/nyxgeek/frontdoor_waf_wtf
The full blog post can be found here:
https://trustedsec.com/blog/azures-front-door-waf-wtf-ip-restriction-bypass
Oh joy, people posting to the OpenSource project's forum saying that the documentation is wrong. The link they provided does not point to any project webpage, but to a Google search result.
When pressed they post a screenshot of the "AI Overview" answer with a bunch of hallucinated BS...
We really need to start sending invoices to these companies for just wasting everybody's time.
I recently finished compiling stats on my 3 years of scraping Azure via OneDrive, where I enumerated 70m+ users. I spoke about this project at ShmooCon this year.
Stats on Azure tenants, domains, ADFS, username formats, nicknames, service accounts, and more.
a welder learns how to become a programmer, by ben cornia
update: i found it! see reply.
friendly request for #hypercard users and a little story:
in the early 90s my hillbilly county school had mandatory “shop class” (aka “industrial ed”) for junior high kids. giving 13 year olds access to 500C injection moulders, band saws and metal and wood lathes was always a recipe for insanity. and i loved it.
squirreled away in the shop teacher’s office, separate from the shop, was a neglected Macintosh Classic. with no games, no localtalk network, no After Dark, and no Mac Paint it was nothing more than a disquieting lump of plastic on his desk, that sat there for the 6 years I attended the school.
it did have one program though, that could have shaped my understanding of computing had I understood how it worked at the time: it had Hypercard.
there was one stack in particular that has haunted me for 30 years. it was a series of scanned atkinson-dithered photos of people’s heads. i think most of them were celebrities. but the one that stood out to me was this glorious photo of who I *think* was Boy George. (edit: it might have been George Michael. the name 'george' is most salient in my memory.)
hypercarders: has anyone ever seen this stack or particular photo? i’d love to put it on my desktop.
Two DOGE workers are now at CISA (DHS's Cybersecurity and Infrastructure Security Agency) I've been able to confirm. Edward Coristine, the 19-yr-old known as Big Balls, and Kyle Schutt, a 38-yr-old software engineer. My piece for Wired:
https://www.wired.com/story/doge-cisa-coristine-cybersecurity/
a few years ago i bought a box of old PC games locally.
one of the games was Ultima V.
today i finally had a chance to go through its contents, and inside i found a thick coil notebook, full of notes, written by its owner "Brent" about 30 years earlier.
he judiciously took notes on every location, npc, spell, reagent and quest in the game.
here's to you brent 🍻
i absolutely love these very personal ephemera i sometimes find in old games.