@mttaggart We have this saying: "I hope it is serious because it'd be too crude for a joke"

Chatting with a friend about Cloudflare's intermittent outages today, they brought up an interesting point: How many organizations have started relying on Cloudflare to do basic security blocking and tackling stuff, like stopping SQL injection attacks at the edge? Maybe your devs were lazy at blocking this stuff in the past b/c CF was the control layer to compensate for that.

You might say well okay but if CF is down, so are the sites relying on them, and that's true. But a lot of organizations will switch CF off during these times to keep their sites and services reachable and running. And my friend's point was that for those organizations, they might want to take a closer look at the traffic they received during this eight-hour outage window or whatever, and I think that's sound advice.

Wizard Zines is doing another Big Zine Sale again this year on Friday, November 28th! One day only.

here’s a google calendar link for the duration of the sale if you want a reminder: https://wzrd.page/cal (or an ICS link: https://wzrd.page/cal.ics)

Just dropped: my RECON 2025 talk on Rust library recognition in malware! 🦀

I present RIFT—a tool that tackles one of the trickier problems in modern malware analysis, rust library recognition in malicious software.

https://youtu.be/_JiuYkFzVgg?si=7GAVhfyNOzLjPZnS

Worth a watch if you're into RE or malware research.

#malware #reverseengineering #cybersecurity #rift #microsoft

Danish officials have found a new way to push for the Chat Control encryption-breaking legislation without the proposed law going through a public debate

https://www.patrick-breyer.de/en/posts/chat-control/#councilpositions:~:text=19%20November%202025%3A%20COREPER%20II%20meeting%20to%20endorse%20chat%20control%202%2E0%20without%20debate

@rmd1023 @da_667
You won the bet!

“the root cause of the outage was a configuration file that is automatically generated to manage threat traffic. The file grew beyond an expected size of entries and triggered a crash in the software system that handles traffic for a number of Cloudflare’s services.”
Source: https://arstechnica.com/tech-policy/2025/11/widespread-cloudflare-outage-blamed-on-mysterious-traffic-spike/

Get your reward here!

@mttaggart I accidentally made this gif this morning before shit went down

@mkj maybe, but having a huge "we are cloudflare, we are breaking your app" message displayed to end users by default is a significant difference

RE: https://nileane.fr/@nileane/115570855799458529

First it was IoT devices, and now browsers don't work when Cloudflare has an outage. We truly are living in the dumbest timeline.

#Cloudflare

@bitsavers A mitm should pass your packets through, CF is not :)

Big day for hardware folks in Europe 🧡

We’re launching Beautiful Boards+, our biggest PCB update yet:
2–8 layers • 5 PCB colours • black/white silkscreen • 35/70 µm copper – all 100% made in Europe.

Our checkout automagically picks Beautiful Boards or Beautiful Boards+ based on your choices.

Try Beautiful Boards+ with your next project: https://aisler.net/en

Thanks for building with us and for helping us make hardware less hard. 🧡

#pcb #electronics #hardware #MadeInEurope

@XC3LL lol, some chaos engineering right there!

Cloudflare down is another teachable moment to think about your eggs and your baskets.

Cloudflare just jumped off a bridge, down globally.

We're in Tokyo presenting our iOS emulator at the CODE BLUE Conference.

📲 You can still join our early adopter program: https://u.eshard.com/ios-emulation #events #cybersecurity

@protosphere https://tilde.club or other pubnix instances?

reasoning_effort = 'none'

New, by me: Protei, a Russian-founded telecoms provider and supplier of surveillance and web monitoring technologies, was breached, its website defaced, and its servers raided.

"Another DPI/SORM provider bites the dust," read the company's defaced website.

https://techcrunch.com/2025/11/17/surveillance-tech-provider-protei-was-hacked-its-data-stolen-and-its-website-defaced/

Friendly advice for crisis communication:

"Our systems have been under attack for T days" doesn't mean that your system withstood the attack for that long. Hackers don't work with sledgehammers.

It means that you saw the attack but were unable to act on it for T days.

#incidentresponse

⌨️ Introducing HCLI: The Modern Command-Line Interface for IDA.

Automate workflows, simplify plugin development across platforms, manage licenses and more.

https://hex-rays.com/blog/introducing-hcli