Matthias Luft
@uchi-mata.bsky.social
Infosec Enthusiast & Practitioner. Opinions are my own. Pentest→Research→Leading→Security Engineering. Love Martial Arts, Outdoors, Dogs.
infosec.exchange/@uchi_mata
www.rational-security.io
infosec.exchange/@uchi_mata
www.rational-security.io
Regarding U2F: It is a small detail, but I learned to love the pattern of requiring additional verification for truly sensitive actions. Drastically reduces admin ATO impact.
June 4, 2025 at 1:01 PM
Regarding U2F: It is a small detail, but I learned to love the pattern of requiring additional verification for truly sensitive actions. Drastically reduces admin ATO impact.
Quick note on exploits trying to use `nginx.ingress.kubernetes.io/server-snippet`: That annotation has been identified as an issue before and has been disabled to mitigate CVE-2021-25742.
March 31, 2025 at 8:40 AM
Quick note on exploits trying to use `nginx.ingress.kubernetes.io/server-snippet`: That annotation has been identified as an issue before and has been disabled to mitigate CVE-2021-25742.