MastodonTech.de

CrowdSecSharing insights and taking swift action can collectively reduce the impact of these threats. This is your call to action for real-time threat intelligence and collaborative cybersecurity. For more information, visit <a href="http://crowdsec.net" rel="nofollow noopener" translate="no" target="_blank">http://crowdsec.net</a> Want to stay ahead of the latest cyber threats? Get our weekly Threat Alert delivered straight to your inbox, along with critical threat updates and trending cybersecurity insights. 📩 Sign up now for exclusive access: <a href="https://contact.crowdsec.net/threat-alert" rel="nofollow noopener" translate="no" target="_blank">https://contact.crowdsec.net/threat-alert</a>🧵6/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec🛡️ How to protect your systems: 🔹 Patch: Patch your FortiWeb instance if it is publicly exposed; otherwise, remove outside access to the affected admin panel. 🔹 Preemptive blocking: Use Crowdsec CTI to block IPs exploiting CVE-2025-25257 👉 <a href="https://app.crowdsec.net/cti?q=cves%3A%22CVE-2025-25257%22&page=1" rel="nofollow noopener" translate="no" target="_blank">https://app.crowdsec.net/cti?q=cves%3A%22CVE-2025-25257%22&page=1</a> 🔹 Stay proactive: Install the Crowdsec Web Application Firewall to stay ahead of exploit attempts, with 100+ virtual patching rules available. 👉 <a href="https://doc.crowdsec.net/docs/next/appsec/intro" rel="nofollow noopener" translate="no" target="_blank">https://doc.crowdsec.net/docs/next/appsec/intro</a>🧵5/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec📈 Trend analysis: 🔹 CrowdSec detected the first in-the-wild exploitation of this vulnerability on July 11th, shortly after we rolled out detection rules. Using our wayback tools, we were able to establish that there were no exploitation attempts before July 11th, confirming once again that public exploits are a key driver of vulnerability weaponization. 🔹 For CVE-2025-25257, CrowdSec has observed about 40 distinct IPs producing about 500 attack events in total. Most of these attacks occurred on Friday, July 11th, the day the exploit was publicized. The attacks on Friday were mainly due to a presumably coordinated attacker spinning up a bunch of machines on Scaleway cloud to use in a broad scanning campaign. Over the weekend, the exploit quickly lost popularity. This might be due to the fact that the exploit requires the Fabric Connector administrative interface to be publicly accessible, which is somewhat unlikely. While we cannot make predictions, CrowdSec expects exploitation signals to pick up slightly this week as vulnerability scanners start looking for vulnerable devices. However, we don’t expect the attacker volume for this vulnerability to reach that of other Fortinet-related CVEs.🧵4/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec🛠️ About the exploit: 🔹 The Fortinet FortiWeb Fabric Connector is an integration component designed to enhance application security by linking FortiWeb web application firewalls (WAFs) with other elements of the Fortinet Security Stack. It enables policy enforcement and automated threat response by leveraging intelligence gathered from FortiGate firewalls, FortiSandbox, FortiAnalyzer, and other “Fabric-enabled” devices. It is in some sense a glue product that holds an array of different Fortinet products together. 🔹 The vulnerability allows unauthenticated attackers to execute arbitrary SQL statements against the MySQL database connected to Fabric Connector. As this database runs as root per default, this attack can be chained to run arbitrary Python code on the affected machine, allowing attackers to further compromise the system. The vulnerability affects various FortiWeb versions from 7.0 to 7.6. As a workaround, the vendor recommends disabling the administrative interface to external visitors.🧵3/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec⚠️ Key findings: 🔹 A new SQL injection vulnerability in a FortiWeb component allows attackers to execute arbitrary code on the affected machine. 🔹 CrowdSec has been tracking exploitation since the 11th of July 2025. 🔹 Data from the CrowdSec network indicates that attacker interest in the vulnerability remains very limited.🧵2/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec🚨 In this week’s Threat Alert Newsletter: exploitation of CVE-2025-25257 in Fortinet’s FortiWeb Fabric Connector.We break down how the exploit works, what CrowdSec sees on the network, and steps to stay protected.Read more 👇🧵1/6<a href="https://infosec.exchange/tags/CVE202525257" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202525257</a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> <a href="https://infosec.exchange/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

CrowdSec📢 Join us for the next CrowdSec Community Office Hours!📌 This month’s focus: Acquisition & Parsing 🔍 We’ll walk through how they work together, how to troubleshoot common issues, and what to check when things don’t behave as expected.🗓️ July 16 | 🕒 5 PM CEST 📍<a href="https://app.livestorm.co/crowdsec/crowdsec-community-office-hours-july-session" rel="nofollow noopener" translate="no" target="_blank">https://app.livestorm.co/crowdsec/crowdsec-community-office-hours-july-session</a>Bring your questions or just hang out with the CrowdSec community! <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Community" class="mention hashtag" rel="nofollow noopener" target="_blank">#Community</a>

Lucas Janin 🇨🇦🇫🇷<a href="https://pouet.chapril.org/@Cyberneurones" class="u-url mention" rel="nofollow noopener" target="_blank">@Cyberneurones</a> Dans ce même sujet, j’utilise <a href="https://mastodon.social/tags/crowdsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#crowdsec</a> depuis un mois et il me semble pas mal. C'est une manière à grande échelle de partager les IP qui t'attaquent et de profiter de la même information de la communauté.

CrowdSec🔒Secure <a href="https://infosec.exchange/@caddy" class="u-url mention" rel="nofollow noopener" target="_blank">@caddy</a> with CrowdSec using Remediation and <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#AppSec</a> components. Our latest guide walks you through the process of integrating <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> for threat blocking and logging traffic. Follow the steps here 👉 <a href="https://crowdsec.net/blog/secure-caddy-crowdsec-remediation-waf-guide" rel="nofollow noopener" translate="no" target="_blank">https://crowdsec.net/blog/secure-caddy-crowdsec-remediation-waf-guide</a> <a href="https://infosec.exchange/tags/WAF" class="mention hashtag" rel="nofollow noopener" target="_blank">#WAF</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

CrowdSec🚨 New Exploits Targeting Sitecore Experience Platform (XP) Another wake-up call: Monitoring disclosed CVEs isn't enough anymore.🔍 Last week, WatchTowr Labs dropped a detailed analysis of a pre-auth RCE chain in Sitecore XP – and it didn’t take long for attackers to move.Within hours, CrowdSec’s network detected active exploitation in the wild.⚠️ Key findings: 🔹 The Vulnerability-to-Exploit Window Is Critical: Attacks now outpace CVE assignments, leaving organizations exposed during the disclosure gap. This was demonstrated when, within hours of WatchTowr’s public analysis, CrowdSec’s threat network detected three distinct IPs actively scanning and exploiting vulnerable Sitecore XP instances. 🔹 Official CVE Designation a Few Hours After WatchTowr’s Article: The flaw is now formally tracked as CVE-2025-34509, CVE-2025-34510, and CVE-2025-34511 (listed on NVD).🛠️ About the exploit: The vulnerability chain enables unauthenticated remote code execution (RCE) through Sitecore’s publishing service, allowing attackers to compromise the entire CMS without requiring credentials. Successful exploitation could lead to data theft, malware deployment, or lateral movement within affected systems.📈 Trend analysis: 🗓️ June 17: WatchTowr publishes the article. ⏱️ Hours later: CrowdSec’s decentralized threat network detected exploitation attempts from 104.248.137.152. 📍 Following days: Two more IPs (130.33.178.14, 217.156.122.239) launched aggressive scans, with 130.33.178.14 alone responsible for 50+ attacks over the weekend.🛡️ How to protect your systems: 🔹 Investigate: If your organization uses Sitecore XP, check your logs for these IPs: 130.33.178.14, 217.156.122.239, 104.248.137.152. 🔹 Patch: Do the necessary to patch your Sitecore XP CMS system. 🔹 Stay proactive: Gain additional protection by installing the Crowdsec Web Application Firewall to stay ahead of exploit attempts with 100+ virtual patching rules available: <a href="https://doc.crowdsec.net/docs/next/appsec/intro" rel="nofollow noopener" translate="no" target="_blank">https://doc.crowdsec.net/docs/next/appsec/intro</a>📣 Real-time threat intelligence is not optional. Let’s stay ahead of these threats together 👉 <a href="http://crowdsec.net" rel="nofollow noopener" translate="no" target="_blank">http://crowdsec.net</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#RCE</a> <a href="https://infosec.exchange/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sitecore</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a>

CrowdSec💭 What if 50% of the malicious IPs you block aren’t even on the radar of 89 out of 92 top threat intel vendors?That’s exactly what <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> delivers.🛡️ Powered by a global community analyzing live attacks, 50% of our malicious IPs are unique. Get visibility others don’t have.👉 <a href="https://crowdsec.net/blocklists" rel="nofollow noopener" translate="no" target="_blank">https://crowdsec.net/blocklists</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/blocklists" class="mention hashtag" rel="nofollow noopener" target="_blank">#blocklists</a> <a href="https://infosec.exchange/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#cyberthreatintelligence</a>

CrowdSec16% of proven-aggressive IPs CrowdSec blocks are still unknown to other vendors for 15 to 20 days. 👀 🗓️ That’s over two weeks where you’re protected while others remain exposed. How do we do it? <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> leverages a <a href="https://infosec.exchange/tags/collaborative" class="mention hashtag" rel="nofollow noopener" target="_blank">#collaborative</a> network of thousands of contributors worldwide, enabling us to detect and block malicious behavior before it becomes common knowledge. Learn more 👉 <a href="https://crowdsec.net/blocklists" rel="nofollow noopener" translate="no" target="_blank">https://crowdsec.net/blocklists</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/blocklists" class="mention hashtag" rel="nofollow noopener" target="_blank">#blocklists</a> <a href="https://infosec.exchange/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#cyberthreatintelligence</a>

CrowdSec🚨 Surge in Attacks Leveraging CNVD Exploits: A Warning Sign for Global DefendersOn the 15th of May, the CrowdSec Network recorded a sharp uptick in exploitation attempts targeting three exploits that are tracked exclusively in the Chinese National Vulnerability Database (CNVD): ♦️ CNVD-2019-19299 ♦️ CNVD-2022-42853 ♦️ CNVD-2021-30167ℹ️ Key findings:While the <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> Network’s visibility beyond the Great <a href="https://infosec.exchange/tags/Firewall" class="mention hashtag" rel="nofollow noopener" target="_blank">#Firewall</a> is constrained, we can still observe the campaign and what else these attackers are looking for.🔹 The spike, visible in the chart, reveals coordinated scanning behavior that likely signals a broader exploitation campaign currently in motion. 🔹 Here’s the Twist: The same attacker clusters are also seen deploying vulnerabilities commonly cataloged in the NVD, targeting global software. 🔹 This mix of CNVD and CVE-based tactics suggests one thing: Attackers aren’t limiting themselves by geography, so why should defenders? 🔹 As software supply chains become increasingly globalized, relying exclusively on U.S.-centric vulnerability databases such as the NVD creates dangerous blind spots. Threat actors clearly understand this, and they are actively exploiting those gaps.🔎 Trend analysis:🔹 May 15th: CrowdSec detects a surge in scans exploiting CNVD-2019-19299, CNVD-2022-42853, and CNVD-2021-30167. Most targeted software is used in mainland China, but activity comes from global IP ranges. 🔹 Ongoing: Attacker infrastructure also launches probes for high-profile CVEs in Apache, Atlassian, and Jenkins, showing no regional constraint in their tooling. 🔹 Common TTPs: Remote code execution (RCE), abuse of default credentials, and mass scanning via compromised VPS infrastructure.✅ How to protect your systems:Thanks to CrowdSec’s global network of decentralized agents, this trend was caught early. CrowdSec users are already benefiting from real-time protection via up-to-date blocklists and mitigation rules. Want to stay protected against CNVD and CVE threats alike?🔹 Investigate: Check your software supply chain and note any pieces that might have their exploits tracked outside the NVD system, for example, you can take a closer look at the EUVD recently launched by <a href="https://respublicae.eu/@enisa_eu" class="u-url mention" rel="nofollow noopener" target="_blank">@enisa_eu</a> 🔹 Preemptive blocking: Deploy the CrowdSec WAF for automated mitigation with 100+ virtual patches and geo-aware rules: <a href="https://youtube.com/watch?v=LyNfr4QWiqw" rel="nofollow noopener" translate="no" target="_blank">https://youtube.com/watch?v=LyNfr4QWiqw</a>

R. Kirchner 🇩🇪NGINX Proxy Manager mit CrowdSec absichern - Docker-Setup unter Ubuntu schützen<a href="https://www.ksite.de/blog/nginx-proxy-manager-mit-crowdsec-absichern-docker-setup-unter-ubuntu-schuetzen/" rel="nofollow noopener" translate="no" target="_blank">https://www.ksite.de/blog/nginx-proxy-manager-mit-crowdsec-absichern-docker-setup-unter-ubuntu-schuetzen/</a><a href="https://social.ksite.de/tags/ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#ubuntu</a> <a href="https://social.ksite.de/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://social.ksite.de/tags/nginxproxymanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#nginxproxymanager</a> <a href="https://social.ksite.de/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://social.ksite.de/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#docker</a> <a href="https://social.ksite.de/tags/crowdsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#crowdsec</a>

Lucas Janin 🇨🇦🇫🇷<a href="https://chaos.social/@kubikpixel" class="u-url mention" rel="nofollow noopener" target="_blank">@kubikpixel</a> <a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener" target="_blank">@nixCraft</a> Oops.... Too late for my <a href="https://mastodon.social/tags/Crowdsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Crowdsec</a> deployment to my homelab. Hope for the best 🤞🏻:-)

Lucas Janin 🇨🇦🇫🇷This week I learned to deploy <a href="https://mastodon.social/tags/Crowdsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Crowdsec</a> in my <a href="https://mastodon.social/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a>:- CrowdSec LAPI on an LXC in my private VLAN - Caddy-bouncer to protect my public servives - CrowdSec-firewall-bouncer-iptables on my 2 <a href="https://mastodon.social/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> nodes - CrowdSec agent for all my public VMs and important VMs/LXCs Of course, I created an <a href="https://mastodon.social/tags/Ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ansible</a> role to deploy the agent on my multiple hosts/VMs/LXCs using a certificate and a custom port, 8080 is a busy port :-)Yes, it’s overkill :-) <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#caddy</a>

CrowdSecLooking to enhance your self-hosted setup with <a href="https://hachyderm.io/@traefik" class="u-url mention" rel="nofollow noopener" target="_blank">@traefik</a> v3 and CrowdSec for automated threat blocking? 🛡️Check out this step-by-step guide by community member Jonny5 covering:✅ Traefik File Provider (Services/Routers/Middleware) ✅ CrowdSec Remediation Component (for automatic IP blocking) ✅ Parser Agent Config (to detect malicious traffic) ✅ Example Configs for Plex & Web Servers Full guide 👉 <a href="https://nova-labs.net/setting-up-traefik-v3-with-file-provider-crowdsec-on-your-homelab/" rel="nofollow noopener" translate="no" target="_blank">https://nova-labs.net/setting-up-traefik-v3-with-file-provider-crowdsec-on-your-homelab/</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> <a href="https://infosec.exchange/tags/Homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#Homelab</a> <a href="https://infosec.exchange/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#Traefik</a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a>

teufel100😈Ich habe ja schon von <a href="https://social.guckt.info/tags/crowdsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Crowdsec</a> zwei oder drei Blocklisten auf meinen Servern laufen, aber die eigene Blockliste wächst immer noch ordentlich. Mal sehen, ob ich bis Sonntag die 1.000 IPs auf der Blocklist überschreite ...

CrowdSec✨ Community spotlight time: <a href="https://bird.makeup/users/wazuh" class="u-url mention" rel="nofollow noopener" target="_blank">@wazuh</a> and <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> integration!We recently shared an Ambassador’s deep dive into the Wazuh-CrowdSec integration and now we’re thrilled to highlight another awesome contributor: Zafer Balkan, who developed the file plugin and helped make this integration a reality. 💪A huge shoutout to our incredible community members and Ambassadors for making CrowdSec stronger, smarter, and more resilient through their expertise. 💜🛠️ Check out Zafer’s tutorial: <a href="https://www.crowdsec.net/blog/improving-observability-crowdsec-and-wazuh-integration" rel="nofollow noopener" translate="no" target="_blank">https://www.crowdsec.net/blog/improving-observability-crowdsec-and-wazuh-integration</a><a href="https://infosec.exchange/tags/Wazuh" class="mention hashtag" rel="nofollow noopener" target="_blank">#Wazuh</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

CrowdSecGet 7 to 60 days ahead of <a href="https://infosec.exchange/tags/attacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#attacks</a>. ⚡⏳ When malicious IPs hit the internet, every second counts. <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdSec</a> gives you the upper hand by identifying and blocking malicious IPs days to even weeks before any other vendor on the market. How? Our real-time <a href="https://infosec.exchange/tags/collaborative" class="mention hashtag" rel="nofollow noopener" target="_blank">#collaborative</a> network of thousands of contributors feeds into our blocklists, resulting in early, accurate, and actionable <a href="https://infosec.exchange/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#IP</a> intelligence. Learn more 👉 <a href="https://www.crowdsec.net/blocklists" rel="nofollow noopener" translate="no" target="_blank">https://www.crowdsec.net/blocklists</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#Crowdsec