https://blog.cloudflare.com/post-mortem-on-cloudflare-control-plane-and-analytics-outage/
门禁恒久远,电锯永流传
门禁恒久远,电锯永流传
The Cloudflare Blog
Post mortem on the Cloudflare Control Plane and Analytics Outage
Beginning on Thursday, November 2, 2023 at 11:43 UTC Cloudflare's control plane and analytics services experienced an outage. Here are the details
Forwarded from Sunbelife真不要脸啊
Forwarded from TUNA Mirror Status (Harry)
[#PSA] Telegram 官方 macOS Swift 客户端会对随机的、不属于 Telegram 的 IP 的 443 端口进行 TCP 握手。随机 IP 没有规律、有时甚至会尝试向不存在的 IP(如图中的 0.36.205.8 )发起 TCP 握手。
https://github.com/overtake/TelegramSwift/issues/1060
建议使用防火墙拦截上述的随机 TCP 连接,Surge for Mac 用户可以使用下述规则拦截:
https://github.com/overtake/TelegramSwift/issues/1060
建议使用防火墙拦截上述的随机 TCP 连接,Surge for Mac 用户可以使用下述规则拦截:
# Telegram 域名
RULE-SET,https://ruleset.skk.moe/List/non_ip/telegram.conf,[replace with your policy name],extended-matching
# Telegram 官方在 https://core.telegram.org/resources/cidr.txt 列出的 Telegram IP 段
RULE-SET,https://ruleset.skk.moe/List/ip/telegram.conf,[replace with your policy name]
# 非官方收集的 Telegram ASN 列表
RULE-SET,https://ruleset.skk.moe/List/ip/telegram_asn.conf,[replace with your policy name]
# 静默丢弃 Telegram 客户端发起的、目标非 Telegram 域名和 IP 的其他连接
PROCESS-NAME,Telegram,REJECT-DROP
GitHub
[Bug] Telegram macOS (Swift version) often connects to random IPs that doesn't belongs to Telegram · Issue #1060 · overtake/TelegramSwift
As shown in the screenshot above, the Telegram Swift is trying to connect to random IPs' 443 port. This also includes an invalid IP 0.36.205.8. And here are more screenshots:
https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html
TL; DR
macOS 上知名软件的破解版(NaviCat Premium、UltraEdit、FinalShell、SecureCRT 等)内置了后门。后门通过软件从 HTTP 地址下载 payload 并释放在 /tmp/.test 目录和 /Users/Shared/.fsevents 目录下,并创建 LaunchAgent 确保后门存活。
受影响的破解版软件由以下网站传播:
TL; DR
macOS 上知名软件的破解版(NaviCat Premium、UltraEdit、FinalShell、SecureCRT 等)内置了后门。后门通过软件从 HTTP 地址下载 payload 并释放在 /tmp/.test 目录和 /Users/Shared/.fsevents 目录下,并创建 LaunchAgent 确保后门存活。
受影响的破解版软件由以下网站传播:
macv.com
macw.com
macz.com
macjb.com
macsc.com
macxf.com
orsoon.com
macxz.com
mac89.com
52112.com
macyy.cn
macdown.com
zupee.com
Sukka's Notebook pinned «https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html TL; DR macOS 上知名软件的破解版(NaviCat Premium、UltraEdit、FinalShell、SecureCRT 等)内置了后门。后门通过软件从 HTTP 地址下载 payload 并释放在 /tmp/.test 目录和 /Users/Shared/.fsevents 目录下,并创建 LaunchAgent 确保后门存活。 …»