#waf
🤼‍♂️ @wabashwrestling heads to the University of Chicago!

📍 Chicago, Illinois | 🗓️ Fri, Nov. 14 | ⏰ 7 PM CT
🎥 Watch: https://www.flocollege.com/live/219602
📊 Live Stats: https://www.flowrestling.org/nextgen/events/14515262/information

#WAF #D3wrestling
November 14, 2025 at 10:01 PM
buppy is gonnbe web developer
make weebssite
get ouppy money
get treats n maybe nore brain cell
think 2 much
bark bark waf waf waf wasawasaasaawawa
November 14, 2025 at 9:29 PM
Logging = Visibility

You can’t protect what you can’t see.
Enable CloudWatch Logs for Lambda, API Gateway, and WAF.
Logs tell the story of what’s happening inside your app — good or bad.

> 👀 Logging is your first line of defense.
November 14, 2025 at 8:01 PM
Was Waf deaf at the time of this heist?
November 14, 2025 at 7:50 PM
WAF!!! lmao what a brilliant boy he was.
November 14, 2025 at 7:40 PM
to the bowl, and when Papi was likely to be in husband's lap rather than at eye-level to see Waf/growl at him.
November 14, 2025 at 7:34 PM
Waf had planned. He'd done dry runs--that's why he'd been going under the bed. Then he sprung his plan, but didn't count on how we could hear the kibble moving in the bowl. It was, I must say, damned clever of him otherwise. He got me used to him being under the bed, and how long it took to get
November 14, 2025 at 7:34 PM
I was laying on the bed once and noticed--unusual for Waf--that Waf kept going under the bed. Then he'd come out again. For a few days he did this. Then one day my husband turned and saw Waf on the other side of the bed, head sticking out, about to eat Papi's food beneath the ramp.
November 14, 2025 at 7:34 PM
Waf and Marlowe are both smart but in different ways. Waf planned. We dogsit a neighbor's dog fairly regularly, and the dog never eats his food all at once, so we'd have to keep his food next to the bed, under the dog ramp, so we could keep an eye on it--Waf always tried to eat Papi's food.
November 14, 2025 at 7:34 PM
Of course Waf figured out what was what pretty quickly and would get into my lap, look right into my face, and bark so *I* got sprayed. But it worked for him anyway.
November 14, 2025 at 7:07 PM
For both Waf and now Marlowe, we used a no-bark collar that sprays a small spritz of citronella mist into their faces when they bark. We were light with its use because we wanted them to be vocal--just not obnoxiously so. It worked well. W/Marlowe we just have to show it to him now and he calms down
November 14, 2025 at 7:06 PM
Want to catch secrets, detect a WAF, and spot errors across every HTTP response?

Global Matches can automatically detect all of that and more 👇

Dive deeper into Global Matchers: https://docs.projectdiscovery.io/templates/reference/matchers#global-matchers
November 14, 2025 at 6:31 PM
🔍 What attackers can do?
The flaw lets remote attackers run arbitrary admin-level commands by abusing path traversal in the management interface.
Possible impact:

- full system compromise
- creation of rogue admin accounts
- manipulation of WAF rules
- lateral movement deeper into the network
November 14, 2025 at 6:17 PM
WAF — ban! ban! ban! — FLES
November 14, 2025 at 6:04 PM
Reading the article... so their WAF is vulnerable to a simple path traversal exploit!?! 🤯
November 14, 2025 at 5:22 PM
🚨 The 2025 OWASP Top 10 (RC) is out! Key updates:

A03: Software Supply Chain Failures

A10: Mishandling Exceptional Conditions
SSRF now part of Broken Access Control.

Fastly’s Edge Cloud & Next-Gen WAF help protect against all Top 10 risks.

Read more: www.fastly.com/blog/new-202...

#AppSec
November 14, 2025 at 4:41 PM
Why You Should Use AWS WAF

WAF (Web Application Firewall) protects your APIs from SQL injection, XSS, and bot attacks.
Attach it to your API Gateway and enable managed rule groups for instant protection.

> 🧱 Security at the edge saves you from headaches later.
November 14, 2025 at 4:01 PM
It’s time for the 131st Monon Bell Classic!!! 🔔

Wabash and DePauw will play for the Bell and a possible NCAA playoff berth on Saturday.

Get ready for the showdown at Little Giant Stadium with the game preview ⤵️
https://loom.ly/Hm0PghQ

#WAF #MononBell @wabashfb
November 14, 2025 at 2:32 PM
Last post before the WAF. I will have these four recent original artworks with me this weekend if you want to see them "in the stitch" 😉
@textileart
@fiberarts

#art #fineartinstitch #textileart #embroidery #fineart #contemporaryart #mastoart […]

[Original post on mastoart.social]
November 14, 2025 at 12:49 PM
Fortinet FortiWeb WAF Under Siege: Critical Authentication Bypass Exploit in Action

Introduction: Understanding the Urgency A new cybersecurity alert has sent ripples through the IT world: a critical authentication bypass vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF) is actively being exploited. The flaw allows attackers to create unauthorized administrative accounts, effectively giving them full control over affected systems. With exploit tools already circulating online, organizations using FortiWeb are under immediate risk.
undercodenews.com
November 14, 2025 at 12:10 PM
Bot Defense Case Study: Real-World Traffic Comparison with SafeLine WAF https://cstu.io/516fac #startup #google #s
Protecting web applications from malicious bots is one thing; proving it works in production is...
cstu.io
November 14, 2025 at 11:21 AM
Fortinet FortiWeb vulnerability exploited in the wild before the company's silent patch

Cybersecurity researchers are warning of an authentication bypass vulnerability in the Fortinet Fortiweb WAF that could allow an attacker to take over administrator accounts and fully control the device. "The watchTowr team is seeing a vulnerability that appears to have been silently patched in Fortinet's FortiWeb product being exploited indiscriminately in the wild," Benjamin Harris, CEO and founder of watchTowr, said in a statement. "Fixed in version 8.0.2, the vulnerability allows attackers to perform actions as a privileged user. In real-world attacks, attackers are adding new administrator accounts as a basic persistence mechanism."

The cybersecurity company said it successfully reproduced the vulnerability and created a working proof of concept (PoC). It has also released an artifact generation tool for identifying the authentication bypass.

According to details shared by Daniel Card, a security researcher at Defused and PwnDefend, attackers have been found to be sending a payload to "/api/v2.0/cmdb/system/admin%3F/../../../../../cgi-bin/fwbcgi" via an HTTP POST request to create administrator accounts. Some of the administrator usernames and passwords created by payloads detected in the wild are as follows: Testpoint / AFodIUU3Sszp5 trader1 / 3eMIXX43 trader / 3eMIXX43 test1234point / AFT3$tH4ck Testpoint / AFT3$tH4ck Testpoint / AFT3$tH4ckmet0d4yaga!n

The origin and identity of the threat actor behind the attacks remain unknown. The exploitation activity was first detected early last month. At the time of writing, Fortinet has not assigned a CVE identifier or published an advisory on its PSIRT feed. The Hacker News has reached out to Fortinet for comment and will update the article if it receives a response.

Rapid7 is urging organizations running Fortinet FortiWeb versions before 8.0.2 to address the vulnerability as a matter of urgency. The company said it observed a zero-day exploit targeting FortiWeb being sold on a well-known black hat forum on November 6, 2025. It is currently unclear whether this is the same exploit.

"While we wait for comment from Fortinet, users and enterprises are facing a now-familiar response: look for signs of past compromise, contact Fortinet for more information, and apply the patch if you haven't already," Harris said. "That said, given the indiscriminate exploitation being observed, unpatched devices are likely already compromised." Translated from:
blackhatnews.tokyo
November 14, 2025 at 9:23 AM
Cybersecurity researchers report active exploitation of a previously unnoticed vulnerability in Fortinet's FortiWeb WAF allowing unauthorized admin account access. Companies are urged to review and promptly secure their devices.
November 14, 2025 at 9:17 AM
A 0day in FortiWeb WAF is being actively exploited! And remove Admin interfaces from the Internet

📌 Link to the article: www.redhotcyber.com/post/uno...

#redhotcyber #news #cybersecurity #hacking #fortinet #fortiweb #pathtraversal #vulnerabilita #exploit #accesso remoto #bug
November 14, 2025 at 6:30 AM
**A 0day in FortiWeb WAF is being actively exploited! And remove Admin interfaces from the Internet**

Attackers are actively exploiting a critical flaw in the **FortiWeb (WAF) web application protection system made by Fortinet,** which […]

[Original post on poliverso.org]
November 14, 2025 at 7:30 AM