Open BLD DNS Updating News: New BLD release, New tools and more
 
I'm happy to present new Open BLD release which is already in production 🎉

🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be setup through config file
• Configurable: Multiple configations supporting
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms

🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self signed certificate generator
• monit2telegram. A simple noscript to send Monit alerts using Telegram bot.
• Flex App Additions Methodology. Flow for Engineers, this methodology can be used as additional helper for 12-Factor app or can be used separetely, as standalone practice.

🦚 Agentless BLD:
BLD works without agents or any additional tools and allow to use secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge and etc)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primaty/Secondary DNS)

📟 More details on official BLD site:
• https://lab.sys-adm.in

#free #bld #dns

Mozilla HTTP Observatory

The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.

https://github.com/mozilla/http-observatory

#tool

How to reset Linux user password with Ansible
* [en] - Read

Как сменить пароль Linux пользователя при помощи Ansible
* [ru] - Читать

Let’s rock! :D

GitHub Copilot

GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor..

https://github.com/features/copilot

Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses

https://github.com/leakuidatorplusteam/artifacts

Viddy - Modern watch command.

https://github.com/sachaos/viddy

AppFlowy.IO - The Open Source Alternative To Notion

You are in charge of your data and customizations.

Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy

Official site:
* https://www.appflowy.io

GitHub:
* https://github.com/AppFlowy-IO/appflowy

#need_ro_research

Open BLD DNS: Our supporter is UptimeRobot
 
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages

Free plan allow using UptimeRobot with 5 min. interval with notifications to email.

Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.

On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
 

What is CoreDNS?

Short concept presentation from CNCF:

https://www.cncf.io/wp-content/uploads/2020/08/Introduction-to-CoreDNS-1.pdf

𝗦𝗼𝗳𝘁𝘄𝗮𝗿𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 Learn Map

Using Hermes’s Quicksort to run Doom: A tale of JavaScript exploitation

https://engineering.fb.com/2022/07/20/security/hermes-quicksort-to-run-doom/

PART 1: How I Met Your Beacon – Overview

…During this research we will outline a number of effective strategies for hunting for beacons, supported by our BeaconHunter tool that we developed to execute these strategies and which we intend to open source in due course. In the following posts to this research, we will then step in to a number of case studies for applying these detections to a variety of both commercial and open source frameworks…:

https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/

Azure Red Team Attack and Detect Workshop

https://github.com/mandiant/Azure_Workshop

Moving from NGINX to Caddy v2

https://seanchenpiano.com/pianonotes/2021/09/11/moving-from-nginx-to-caddy-v2/

Boundary tool - Identity-based access for zero trust security

* https://www.boundaryproject.io/

#tool

Bolt like as Ansible alternative

Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure.

* https://puppet.com/docs/bolt/latest/bolt.html

#tool

Artillery - Cloud-scale performance testing

Very easy tool for web services benchmarking…:

* https://www.artillery.io

#tool

2022 Unit 42 Incident Response Report

Executive Summary: Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the noscript?..

Big report abpout of top attacks trends and etc.

Build an automated ecommerce app with WhatsApp Cloud API and Node.js

https://blog.logrocket.com/build-ecommerce-app-whatsapp-cloud-api-node-js/