Infosec

In a previous post I wrote about how to set Cloudflare HTTP headers using Cloudflare Workers. In this post, I’ll show you how to do the same thing using Hugo. Thanks to Grok, I learned a nifty trick for setting Cloudflare HTTP headers in Hugo. Instead of using Cloudflare Workers, you can use Hugo’s built-in support for setting HTTP headers. To do so, create the file static/_headers with your header content following Cloudflare’s format. As an example, here’s the content of this site’s static/_headers file: ...

BLUF Competing priorities, cost-consciousness, and lower-hanging security fruit were the reasons penetration didn’t make it into my AOP this year. I’m not in a highly regulated environment, though, so if regular penetration testing is a requirement, then your options are limited, but here are some things to consider. Analysis Each offensive security consultancy and penetration tester has their own methodlogy. Penetration testing isn’t guaranteed to find your most prevalent vulnerability, nor your most difficult, movie-plot security threat. It should, more often than not, find your lowest hanging fruit. Nothing in life is guaranteed so you may find you spent five figures to learn that those critical vulnerabilities your vuln scanner has complained about for weeks are, in fact, critical vulnerabilities that attackers will abuse to gain access to your data. ...

CVE-2024-3094 highlights the strengths and weaknesses of Open Source.

Add MFA to sudo and gnome in Fedora using a Yubikey and authselect

RMS, Dan Kaminsky, FLoCS, Fedora

This post covers using AWS Config as a starting point to find public s3 buckets in your organization.

This article covers previous work and introduces a warning

This post covers increasing security for a static site hosted on s3 using cloudfront and cloudflare

Use AWS Config to locate AWS resources

This post covers how to secure an S3 bucket serving content through Cloudflare