(TLDR solution is to allowlist the Twitter API IP address ranges)
Around 3 weeks back, the end of May I had reports of WordPress authors unable to embed tweets in posts, some using classic editor, others block editor.
The …
All posts by Marc Kranat
DDoS attack leveraging RSS feeds
RSS feeds have been around for decades, once very popular with geeks as a lightweight way of keeping up with the news such as https://feeds.bbci.co.uk/news/rss.xml before we all got 1gb cable connections and 5g, not normally read raw by human …
Online threats to consumers
Online threats to consumers come in many forms, such as viruses, malware, phishing scams, and ransomware. These threats can compromise the security of a person’s personal information, such as their login credentials and credit card numbers, and can lead to …
How to get around the BBC block in Russia
Как обойти блокировку BBC в России
Sharing this as obviously the link that the Beeb shared here can not be seen if forwarded to a Russian, as of course, Russia has blocked all disenting voices, and as this is …
Setting up a Mastodon Server at DigitalOcean
Please read the comments which have some updates regarding email config. You can find me on https://noc.social/web/@marc
Some people are really not too happy with Silicon Valley’s monopoly on social media. There are some serious privacy concerns, and we’ve seen …
Mostly Unrecognized immense scale of Solarwinds Hack
I’m pretty confused as to why there is so little written in the mainstream news on the scale and implications of this latest, and by far the largest, one of many attacks on our network infrastructure, and by a state …
Advanced Security Headers
I have some great security headers on this blog, but they are added using a single checkbox on the Sucuri WAF (web application firewall) this site uses. This is what they look like:
x-xss-protection: 1; mode=block x-frame-options: SAMEORIGIN x-content-type-options: nosniff…
Enumeration, Privacy, Security and the Law
There was a recent arrest of a 19 year old in Halifax for “hacking” freedom-of-information releases from a government website. Alleging he is guilty of section 342.1 of the criminal code, which prohibits unauthorized uses of computers “with intent to …
Governments are always wanting to break encryption
Everytime governments try to break encryption on social media, and they are doing it a lot these days, they hold up an example such as in this case “Sex Traffickers” so if you dare question them, you are exposed as …
We could be doing more
There is a mostly unreported and unrecognised ongoing attack on our research institutes, commerce and infrastructure, massively damaging our successes in the western world.
UC Cert, the United States Computer Emergency Team released an update (TA17-117A) last week from the …