Probably questions that can be answered by RTFM
Intel had something like this as well (side channel attack?). I remember it because Linus Torvalds (creator of Linux kernel) ripped Intel a new one.
Honestly, once it reaches critical mass. It will mean the end of PayPal, Venmo et al AND the credit card industry as a whole.
There’s something weird about “protesting” a site by continuing to use their site. Hopefully it’s just bot traffic flooding /r/place rather than real people coordinating in real time.
You might have something here. Development would be easy but maintenance and moderation is another beast.
.io, .org, and .app are pretty good.
.xyz for fun ideas.
.dev for the obvious
.corp if you are an incorporated company in the US.
Kind of cool if your production infrastructure can match. But for most companies (ie, Fortune 500 and some medium companies) implementing this would need a force majeure.
Decades of software rot, change in management, change in architecture, waxing and waning of software and hardware trends, half assed implementations, and good ole bottom tier software consultation/contractors brought into the mix make such things impossible to implement at scale.
Once worked at a company where their onprem infra was a mix of mainframe, ibm / dell proprietary crap, Oracle vendor locked, and some rhel/centos servers. Of course some servers were on different versions of the OS. So it was impossible to setup a development environment to replicate issues.
For the most part, that’s why I still use docker for most jobs. Much easier to pull in the right image, configure app deployment declaratively, and reproduce the bug(s). I would say 90% of the time it was reproducible. Before docker/containerization it was much less than that and we had to reproduce in some non production environment that was shared amongst team.
I just want to add a quick note:
From OPs screenshot, I noticed the JS code is attempting to extract the session cookie from the users that click on the link. If it’s successful, it attempts to exfiltrate to some server otherwise sends an empty value.
You can see the attacker/spammer obscures the url of the server using JS api as well.
May be how lemmy.world attackers have had access for a lengthy period of time. Attackers have been hijacking sessions of admins. The one compromised user opened up the flood gates.
Not a sec engineer, so maybe someone else can chime in.
Lemmy.world instance under attack right now. It was previously redirecting to 🍋 🎉 and the title and side bar changed to antisemitic trash.
They supposedly attributed it to a hacked admin account and was corrected. But the instance is still showing as defaced and now the page just shows it was “seized by reddit”.
Seems like there is much more going on right now and the attackers have much more than a single admin account.
Older scrum masters during the daily standup and trying to do live updates to the JIRA board
Turned 15 minute meeting into 30 minutes at times lol.
In a way, cooking still has that “deprecation” feel. Like when you use a kitchen tool that is like 2 orders of magnitude above what you are currently using.
For me it was knives. It was a serrated knife set that was a gift and got me through college. Once I got a real job and could get something of quality. A friend recommended I change out my knives for a chef quality knives. Started out with some Global knives and have never went back to my old set. Been slowly adding over time (ie, bread knife, cleaver, paring).
Also, switched from non-stick to stainless steel because fuck PFOA. Also picked up a quality rice cooker from Zojirushi.
Technique can get you very far in cooking, but to make that dish perfect got to have the right tools.
In consulting, that’s called “after work”. Got to pump those billables
Honestly though, unless it’s a feature that is completely outside the domain of the application. If you have to re-write your entire app then your app was probably dog shit to begin with