Posts
2711Following
681Followers
1505
repeated
Taggart
mttaggart@infosec.exchange
Does Tidal compensate artists fairly? I'm ready to ditch Spotify, but I'd like to do it the right way.
3
3
0
repeated
screaminggoat
screaminggoat@infosec.exchangeSophos security advisory 19 December 2024: Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
- CVE-2024-12727 (9.8 critical) pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall
- CVE-2024-12728 (9.8 critical) weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall
- CVE-2024-12729 (8.8 high) post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall
Sophos has not observed these vulnerabilities to be exploited at this time.
#sophos #firewall #vulnerability #cve #infosec #cybersecurity
0
3
0
buherator
buheratorhttps://www.ibm.com/support/pages/node/7179509
0
1
1
repeated
repeated
Ars Technica
arstechnica@mastodon.socialWhy AI language models choke on too much text
Compute costs scale with the square of the input size. That's not great.
https://arstechnica.com/ai/2024/12/why-ai-language-models-choke-on-too-much-text/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
0
4
0
repeated
Aral Balkan
aral@mastodon.ar.alHeads up: Folks on #Codeberg
You might get an email belittling your project, seemingly from Michael Bell (mikedesu) via noreply@codeberg.org (an issue is created on your repo and then deleted, leading to the notification).
This appears to be part of a smear campaign someone is running that started on GitHub. e.g., see:
CC: @Codeberg – hope you can identify the account(s) responsible and block them. Example (deleted) issue: https://codeberg.org/kitten/app/issues/216
7
6
0
repeated
JdeB [216.91 ppm]
JdeB@climatejustice.social#Physics Girl #DoingBetter after #LongCovid
I owe this YouTuber a lot. She educated people on physics. Took them to places.
More than 2 years ago she got really sick with Covid that soon became Long-Covid. Earlier messages from her [partner] she was barely alive, non responsive.
If you want to check out her channel:
-> Physics Girl <-
-> youtube.com/@physicsgirl <- And please do.
Now she gives a very happy sign of emprovement I'm happy to share:
"Hello from Dianna! - Two years in bed"
by physicsgirl
https://www.youtube.com/shorts/euCkKszuWDQ
Quote by PG:
"Nov 21, 2024
Here is a small update from Dianna herself! She hasn't been able to communicate directly here on Youtube for almost 2 years now. A quick hello and thank you!"
0
2
0
repeated
buherator
buheratorhttps://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html
0
0
0
buherator
buheratorhttps://www.partywave.site/show/research/CVE-2024-44825%20-%20Invesalius%20Arbitrary%20File%20Write%20and%20Directory%20Traversal
0
0
1
repeated
stux⚡
stux@mstdn.socialIt's official.
The US is totally nuts: 🇺🇸 🥜
"BITCOIN Act of 2024"
https://www.congress.gov/bill/118th-congress/senate-bill/4912/all-info
9
4
0
buherator
buheratorhttps://www.yahoo.com/news/kidnapping-assassination-and-a-london-shoot-out-inside-the-ci-as-secret-war-plans-against-wiki-leaks-090057786.html
#frombsky
0
0
2
repeated
repeated
Alex Gantman
againsthimself@ioc.exchangeWonderfully elegant term for exploit development from 1980: "Synthetic Programming"
https://literature.hpcalc.org/items/1718
0
5
0
repeated
Taggart
mttaggart@infosec.exchangeWow, a fairly serious auth bypass in Next.js, a super popular frontend framework:
If a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed.
0
3
0
repeated
Ivan Ožić Bebek
obivan@infosec.exchangeUnveiling Hidden Transformers in Windows ANSI! https://worst.fit/assets/EU-24-Tsai-WorstFit-Unveiling-Hidden-Transformers-in-Windows-ANSI.pdf
0
3
0