home.social

#tls — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #tls, aggregated by home.social.

  1. Some of the inner workings of @limeleaf's probes.dev use Go's net/http/httptrace package, which gives you very handy information.

    blainsmith.com/articles/httptr

  2. MTProxy jumper: building automatic switching between Telegram proxy servers

    In light of the latest news around Telegram, I ran some experiments with the MTProxy protocol. The main idea: build software that looks like an MTProxy server to the Telegram client and carries on the subsequent data exchange with third-party MTProxy servers. Ideally, these third-party servers should be discovered automatically, and switching between them should also happen automatically.

    habr.com/ru/articles/1039034/

    #Telegram #MTProto #TLS #proxy #DPI #blocking #MTJumper

  6. Laravel Lang Compromised with RCE Backdoor Across 700+ Versions

    Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.

    Pulse ID: 6a1187d92cdbfd79095008cd
    Pulse Link: otx.alienvault.com/pulse/6a118
    Pulse Author: AlienVault
    Created: 2026-05-23 10:56:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault

  11. #DHCP, #DNS, #IPv6, #TLS: You are exhausting.

    After an update, #pihole ignores its own dnsmasq configuration by default. All hosts get two IPv6 gateways: the router and the Pi-hole. Connections then hang, seemingly at random.

    #Docker Compose setup with #Coolify: requests switch between environments because there is no Docker network per environment and requests are distributed to apps at random via DNS round-robin.

    #Traefik renews certificates based on a validity of 2160 hours (configurable with acme.certificatesDuration). #step-ca issues certificates that are valid for 24 hours (configurable via authority.claims.{max,default}TLSCertDuration). No wonder the whole setup stops working a day later.

    And so on and so forth.

  14. Telekom has a service called 'Security OnNet'. It breaks open the certificate chain and injects its own certificate, reroutes network traffic over its own routes, and thereby blocks certain sites.
    We only noticed because the mail server of one of our customers got blocked.

    No idea how this works, but pretty scary.

    Apparently the service particularly likes to target mailcow services.

    onnet.telekom.de/portal/teleko

    #telekom #blocking #tls

  18. A new #TCP public peer is now available thanks to @neilalexander

    ```
    tcp://yggdrasil.neilalexander.dev:64649
    ```

    it's CPU-friendly and could be especially useful in the #Yggdrasil #TLS-less #NTP context yggdrasil-network.github.io/se

  19. Someone who knows @admin, please advise them to update the #TLS certificate for mastox.eu. It just expired.

    #Fediverse #FediAdmin #HTTPS

  21. Merely saying 'We speak a secret tongue' is not enough. One's wizards must speak the appropriate tongue, and speak it only in a most cautious fashion. #cybersecurity #TLS cromwell-intl.com/cybersecurit

  25. #phetch - #GopherProtocol client written in #Rust with #Tor / #I2P proxy support + #TLS as the bonus:
    github.com/xvxx/phetch

    To handle I2P connections, use the following trick:
    TOR_PROXY=127.0.0.1:4447 target/release/phetch -o gopher://phlogqhspsjzcdubodidwc74pmc56hik2t3bhajwc47rg6snboia.b32.i2p:70/1ps/

    See also:
    github.com/xvxx/phetch/issues/
