EN Attempts to exploit our newsletter subscription process to send spam (part 1) The problem A few days ago, we started noticing on our main websites (www.threatint.com, cve.threatint.com) that about 400 to 500 email addresses were subscribing to our newsletter every day without completing the second step of the subscription process. Most of the recipients didn't click
EN Microsoft Bing + sitemap.xml. Or is it sitemap.xml.gz? Letting Microsoft Bing know that your website exists is easy, isn't it? Just go to Microsoft Bing Webmaster Tools, add your domain and site, and submit your sitemap. Now Microsoft Bing knowns that your website exists, that there is content, and where to find it. So this should
EN Security.txt: publishing a security policy for your websites Having discovered security vulnerabilities, researcher often struggle to properly report these vulnerabilities because of missing contact information. This can result in serious delays and may even leave vulnerabilities unreported. Security.txt as described in RFC #9116 is a small machine-parsable file that helps organizations publish contact information and describe their
EN How to write good status pages for load Balancers Every now and then we are asked about special topics for which a lot of documentation and general advice can be found online. But sometimes there is simply a lack of guidance how to apply these things in the real world ... Dealing with load balancers and the required status page
