Viss
Pedro
@pedro@infosec.exchange
- 10 Followers
- 103 Following
- 252 Posts
LukasMildly cursed factoid about UNC paths:
- UNC Paths can contain IP addresses such as \\192.168.1.1\share
- IPv6 addresses are supported as well
- IPv6 addresses contain colons
- can't have colons in Windows paths since colons are reserved for drive letters
So Microsoft came up with the the ipv6-literal.net domain that's special-cased by Windows so you can to write IPv6 addresses in UNC paths as 2a0e-3c0--21.ipv6-literal.net without it hitting any resolvers.
Ian CampbellExposing the Unseen: Mapping MCP Servers Across the Internet
"We identified a total of 1,862 MCP servers exposed to the internet. From this set, we manually verified a sample of 119. All 119 servers granted access to internal tool listings without authentication."
this is why I keep a very watchful eye on Knostic about AI stuff, they know the tech, the risks, *and* how human behavior will interact with them.
Infocalypse Now
myrmepropagandist
Mike ShewardGood new SaaS vendor assessment question I’ve been using…
What is your process for updating your customer facing status page in the event of an incident?
You will learn so much from this, including…
- do they even have a status page
- if they do, do they know how to work it
- if its managed by the engineering side of the house or marketing, which can give you clues as too what is important in their org culture
- how transparent they are willing to be about a topic that actually isn’t all that sensitive in the grand scheme of all the things you could ask about
Doug MadoryHere’s the @Cloudflare write-up with a description of what caused the outage. It was caused by an internal error not a BGP hijack, but we already knew that.
https://blog.cloudflare.com/cloudflare-1-1-1-1-incident-on-july-14-2025/
Cloudflare 1.1.1.1 Incident on July 14, 2025
On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS. We’re deeply sorry for this outage. This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.
404 MediaThe Hyperpersonalized AI Slop Silo Machine Is Here
🔗 https://www.404media.co/the-ai-slop-niche-machine-is-here/
Kevin BeaumontNew CitrixBleed 2 scan data:
+7000 extra hosts added this round, host list is so large you need to use the raw view to see it.
Next set of data publication likely Friday, a month since the patch became available.
3832 orgs/hosts still unpatched.
Just to clear up some misinfo circulating, a BGP hijack was not the cause of
Cloudflare DNS going down today.
At 21:51 UTC, Cloudflare (AS13335) withdrew both 1.1.1.0/24 and 1.0.0.0/24 for an unknown reason.
I suspect AS4755 was always announcing 1.1.1.0/24, when CF went away, it leaked a bit (i.e. "%2").
https://infosec.exchange/@GossiTheDog@cyberplace.social/114854023690856642
farrer
Girl on the Net