HackerTrans
TopNewTrendsCommentsPastAskShowJobs

lucastech

no profile record

comments

lucastech
·20 วันที่ผ่านมา·discuss
Looks cool, how do you integrate it into your agent to keep the context in sync?
lucastech
·8 เดือนที่ผ่านมา·discuss
pretty crazy to see these sorts of worms, I think it's probably a good thing that we start to examine the "supply chain" of open source software and figure out ways to prevent this sort of attack.

Timing was definitely smart on the part of the attacker, heading into Thanksgiving in the US means a lot of people in vacation mode, probably not even realizing this is happening right now.

This should really be front page here
lucastech
·8 เดือนที่ผ่านมา·discuss
This is awesome, I've used offload media for years, but they've been getting more and more annoying about their plugin trying to convert to using their cdns and upgrading to their premium plugin.

I've wanted to explore R2 (I use S3/Cloudfront today) and this looks like a great way to do so!
lucastech
·9 เดือนที่ผ่านมา·discuss
I wrote about this back in July when this "gang" first started hitting some sites I host: https://wxp.io/blog/the-bots-that-keep-on-giving

they use a mixture of colo (M247, Datacamp, HostRoyale, Oxylabs, etc) and international residential. I suspect the latter are where those residential app proxies come into play (bright SDK, etc). Oxylabs is also a well known proxy provider, which makes me think they're the gateway into all of these IPs.

Definitely interesting times to try and host a web server!
lucastech
·9 เดือนที่ผ่านมา·discuss
Yeah, there are some botnets I've been seeing that are much more stealthy, using 900-3000 IP's with rotating user agents to send enormous amounts of traffic.

I've resorted to blocking entire AS routes to prevent it (fortunately I am mostly hosting US sites with US only residential audiences). I'm not sure who's behind it, but one of the later data centers is oxylabs, so they're probably involved somehow.

https://wxp.io/blog/the-bots-that-keep-on-giving
lucastech
·9 เดือนที่ผ่านมา·discuss
Meta Ireland is just as bad, I've noticed a lot of Tencent from SG.
lucastech
·9 เดือนที่ผ่านมา·discuss
I wrote about this a few weeks ago, because it really is quite insane.

I wish AWS would curtail abuse from their networks. My hope is to build some tools to automate detection and reporting of this sort of abuse, so we can force it into AWS's court.

https://wxp.io/blog/abuse-from-amazon-ip-networks-never-end
lucastech
·9 เดือนที่ผ่านมา·discuss
I remember dealing with a large credential stuffing attack at a marketplace right after we announced our series B ~2018. We developed some tools to keep them out through pattern matching, but it was not easy and it took some time to develop those tools.

Best companies to work with were spycloud.com and sift.com.

spycloud actually specializes in identifying leaked credentials, which are what attackers use in the credential stuffing list they go through, so you could identify "stuffable" credentials prior to the attack happening, which is nice.

sift was great at helping to just identify fraud in general, so if an account did quietly get compromised, we could identify it before the transaction was finalized.