Hi there!

priority_high April Fools! This blog post is a joke and does not represent real research. We hope you enjoyed it! In collaboration with the NIST, CISA and The University of South Florida I am pleased to announce research regarding a new class of vulnerability called Remote Bankruptcy Exploits (RBE). Overview The RBE vulnerability class represents a significant shift in the landscape of cybersecurity threats. Unlike traditional exploits that focus on data theft or system compromise, RBE attacks target the financial stability of startups and small businesses by exploiting the very infrastructure designed to scale their operations....

Hey everyone, I can’t help but dive into this blog post without first tipping my virtual hat to the brilliant minds behind the scenes. To the organizers of the recent HPCC1 competition, you’ve orchestrated something truly epic. Your dedication, creativity, and the sheer complexity of the challenges pushed us to the limits of our knowledge and skills. And for that, I am genuinely thankful. Competing in the Horse Plink Cyber Challenge 1 (henceforth know as HPCC1) was not just a battle of wits and technical prowess; it was an adventure....

With docker deleting open source organizations it might be time to selfhost your own container registry. Project Quay is the open source version of Redhat Quay, the container registry that powers quay.io. It can be configured as a pull through cache (useful for saving bandwidth). Not a lot of great guides exist for how to setup quay using docker-compose so here it is. --- services: quay: image: quay.io/projectquay/quay:3.8.4 # One-time command for running Quay in configurator mode....

Here are my goals for my selfhosting setup v3. All containers updated with gitops All containers scanned for cves All apps that support use federated auth (ouath openidc ldap etc.) All containers that don’t receive frequent updates are built locally instead Container engine runs without root (maybe a v4) All databases dumped before backup Backups Local backups for devices Logging containers logs Alerting Here is the basic plan of how to achieve this Gitea for git server Rennovatebot for updates Quay for image registry Woodpecker for ci Clair for scanning Traefik for reverse proxy Tailscale for networking Tailscale funnels for public access Podman for rootless Keycloak for auth Overall I hope this setup will decrease the amount of ongoing maintenance, alert me to problems before they break stuff, and make sure my apps are up to date....

This is a brief overview of diffrent minecraft servers. This is a great guide to picking the best one for your circumstances.