Leuchtturm @leuchtturm

7 posts7 participants0 posts today

**psuPete** @psuPete@infosec.exchange · 1d

Pete Recommends – Weekly highlights on cyber security issues, April 12, 2025

Five highlights from this week: #Biometrics vs. passcodes: What lawyers recommend if you're worried about warrantless phone searches; #DDoS Attacks Now Key Weapons in Geopolitical Conflicts, #NETSCOUT Warns; Google Maps doubles down on preventing fake reviews; Large number of US adults view AI as a threat: Report; and Explosive Growth of Non-Human Identities (#NHI) Creating Massive Security Blind Spots.

Posted in: #AI Cybercrime, Cybersecurity, #Privacy

https://www.llrx.com/2025/04/pete-recommends-weekly-highlights-on-cyber-security-issues-april-12-2025/

**jbz** @jbz@indieweb.social · 2d

jbz @jbz@indieweb.social

Open source devs are fighting AI crawlers with cleverness and vengeance
—@TechCrunch

｢ It’s intended to “slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect ‘no crawl’ directives,” Cloudflare described in its blog post. Cloudflare said it feeds misbehaving AI crawlers “irrelevant content rather than extracting your legitimate website data.” ｣

https://techcrunch.com/2025/03/27/open-source-devs-are-fighting-ai-crawlers-with-cleverness-and-vengeance/

TechCrunch · Mar 27Open source devs are fighting AI crawlers with cleverness and vengeance | TechCrunchAI web crawling bots are the cockroaches of the internet, many developers believe. FOSS devs are fighting back in ingenuous, humorous ways.

#ddos #ai #aicrawlers

**Epiphyt** @epiphyt@epiph.yt · 4d

Epiphyt @epiphyt@epiph.yt

ActivityPub ist super, um dein WordPress-Blog zum Fediverse zu verbinden. Je nach Aktivität kann es jedoch sein, dass du einen versehentlichen DDoS gegen deinen eigenen Server verursachst.

[…]

https://epiph.yt/blog/2025/das-activitypub-plugin-und-der-versehentliche-ddos/

#ActivityPub #Cachify #DDoS

**Epiphyt** @epiphyt_en@epiph.yt · 4d *

4d *

Epiphyt @epiphyt_en@epiph.yt

ActivityPub is great to connect your WordPress blog to the Fediverse. However, depending on the activity, it is possible to create an accidental DDoS against the own server.

[…]

https://epiph.yt/en/blog/2025/accidental-ddos-through-activitypub-plugin/

Epiphyt · 4dAccidental DDoS through ActivityPub plugin | EpiphytActivityPub is great to connect your WordPress blog to the Fediverse. However, it is possible to create an accidental DDoS against the own server.

#ActivityPub #Cachify #Caching

**Martinus Hoevenaar** @martinus@mastodon.art · 4d

Martinus Hoevenaar @martinus@mastodon.art

Had to adjust my .htaccess file today, because a SEO company had their bot trying to scrape my site. It didn't get further than the index-page, but it was comparable to a small DDoS, as in 5700 hits per minute.
Now let's hope the adjustment helps.
If it doesn't then their domain will be added to the firewall. And if they continue, I'll ask my lawyer to send a cease & desist. But for now: let's hope those motherfuckers stay away.

#ai #bots #seo

**kevin ⁂ (he/him)** @KevinGimbel@fosstodon.org · 5d

kevin ⁂ (he/him) @KevinGimbel@fosstodon.org

RE: "Denial"

Jeremy Keith on the Denial of using AI.

https://kevingimbel.de/link-blog/re-https-adactio-com-journal-21831

#linkblog #SuggestedRead #ai #tech #ddos #open web

kevingimbel.deDenial | kevingimbel.de

More from

kevin ⁂ (he/him)

**Jordan** @lns@fosstodon.org · 6d *

6d *

Jordan @lns@fosstodon.org

I've seen a real uptick the past couple of days in attacks on my IP address space. Not sure if I'm being targeted, or part of a wider campaign. Oh well, fail2ban makes quick work of them

#selfhosted #cybersecurity #security

**Rachel Rawlings** @linuxandyarn@infosec.exchange · 6d

Rachel Rawlings @linuxandyarn@infosec.exchange

I'm having trouble figuring out what kind of botnet has been hammering our web servers over the past week. Requests come in from tens of thousands of addresses, just once or twice each (and not getting blocked by fail2ban), with different browser strings (Chrome versions ranging from 24.0.1292.0 - 108.0.5163.147) and ridiculous cobbled-together paths like /about-us/1-2-3-to-the-zoo/the-tiny-seed/10-little-rubber-ducks/1-2-3-to-the-zoo/the-tiny-seed/the-nonsense-show/slowly-slowly-slowly-said-the-sloth/the-boastful-fisherman/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/brown-bear-brown-bear-what-do-you-see/pancakes-pancakes/pancakes-pancakes/the-tiny-seed/pancakes-pancakes/pancakes-pancakes/slowly-slowly-slowly-said-the-sloth/the-tiny-seed

(I just put together a bunch of Eric Carle titles as an example. The actual paths are pasted together from valid paths on our server but in invalid order, with as many as 32 subdirectories.)

Has anyone else been seeing this and do you have an idea what's behind it?

#botnet #ddos #webscraping

**Dissent Doe** @PogoWasRight@infosec.exchange · 6d

Dissent Doe @PogoWasRight@infosec.exchange

So apart from the attempt to open a lot of Facebook accounts using my domain, my site has also been under sporadic DDoS attacks. I hope you don't have too much trouble connecting at times.

And no, I have no idea who I ticked off now.

#DDoS

Replied in thread

**Jure Repinc** @JRepin@mstdn.io · Apr 6

Apr 6

Jure Repinc @JRepin@mstdn.io

@kompot Just a little thought I had in relation to this. Would it make any sense to report these DDoS attacks to national CERT authorities, e.g. @sicert here in Slovenia?

#DDoS #Internet #LLM

**LinuxNews.de** @linuxnews@social.anoxinon.de · Apr 6

Apr 6

LinuxNews.de @linuxnews@social.anoxinon.de

Nachdem diverse #ki #ai #crawler besonders respektvoll mit den öffentlichen Ressourcen von Open Source Projekten umgehen, habe ich mich dazu entschlossen eben diese auszusperren. Wir hatten in der Vergangenheit crawls, die im #monitoring als #ddos gewertet wurden.

Diverse AS erfreuen sich nun einem dauerhaften 429, einige wenige die es für alle kaputt machen…

Replied in thread

**Kevin Karhan** @kkarhan@infosec.space · Apr 6

Apr 6

Kevin Karhan @kkarhan@infosec.space

@Prozak @seanfobbe Lets say @Codeberg did suffer some serious #DDoS (which OFC isn't their fault) so I'd rather see #SelfHosting as a better option...

Needless to say I'm likely considering as a #public #mirror / #public #git once I'd actually change my setups.

It's just.currently.not.my.priority, but *my.priorities.ain't authoritative...

Replied in thread

**Kevin Karhan** @kkarhan@infosec.space · Apr 6

Apr 6

Kevin Karhan @kkarhan@infosec.space

@seanfobbe personally I'd consider #gitea and #SelfHosting.

As of now I abude #github as free, #DDoS-protected hosting and something #Microsoft burns money in.

Once any of my projects would gain traction I'd move from there away.

I just am not a huge fan of @Codeberg even tho they are a better option.

I jist move to either SelfHosting or nowhere...

**Cybernews** @cybernews@infosec.exchange · Apr 4

Apr 4

Cybernews @cybernews@infosec.exchange

The Dutch web hosting company Argeweb has experienced performance issues for over a week now.

#Netherlands #Argeweb #DDoS #cybersecurity

https://cnews.link/ddos-attack-cripples-hosting-company-1/

**David Bombal** @davidbombal@infosec.exchange · Apr 3

Apr 3

David Bombal @davidbombal@infosec.exchange

DDoS Attacks (HTTP/2, DNS, Hacktivist)
This is Real World Technical Analysis

YouTube video: https://youtu.be/t2jKcA1OyBE

#Sponsored #cybersecurity #ddos #dos #DNS #http #tls #hack #hacker #hacking #cyber #internet Radware

youtu.be- YouTubeEnjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

**PUPUWEB Blog** @pupuweb@mastodon.social · Apr 3

Apr 3

PUPUWEB Blog @pupuweb@mastodon.social

Netscout reports DDoS attacks surged from 13M+ in 2023 to ~17M in 2024, with new tech like #AI supercharging their impact. These attacks are now a staple of #GeopoliticalConflict. #CyberSecurity #DDoS #TechTrends #AIImpact #CyberThreats #InfoSec