We are glad to announce that our #IBMi research will be presented at multiple prestigious conferences this June:
At @WEareTROOPERS we will show how pentesters can adopt their Windows/*nix experiences to the platform, and discover new vulnerabilities in native IBM i programs:
https://troopers.de/troopers24/talks/7sfsbf/
At @recon will dive deep into the architecture to understand its security features and present foundational tools for low-level research:
National Health Service England (NHS): Possible Exploitation of Arcserve Unified Data Protection (UDP) Vulnerabilities
NHS England reports possible N-day exploitation attempts of Arcserve UDP following the release of proofs of concepts for 3 vulnerabilities:
Tenable released proofs of concept: Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities
Based on the timeline, active exploitation occurred during an unpatched window of 8 days (13-20 March 2024)
cc: @campuscodi
#CVE_2024_0799 #CVE_2024_0800 #CVE_2024_0801 #Arcserve #eitw #activeexploitation
"Writing has been called the process by which you find out you don't know what you are talking about. Actually doing stuff meanwhile is the process by which you find out you also did not know what you were writing about." - from https://berthub.eu/articles/posts/a-2024-plea-for-lean-software/#trifecta
Hi friends,
The http://alt-text.org alt text library project needs a new leader, because I have brain cancer.
I would like to connect with the #accessibility dev community, something I have never figured out, probably in part for neurodivergence reasons. I want to hand the project off to a team or a leader if anyone is willing to take it over.
Github: https://github.com/alt-text-org
WIP MVP: a site designed for writing alt text with a private library: https://my.alt-text.org
Boosts appreciated
went down to the hotel lobby to retrieve my dinner delivery in a yoga outfit + snuggly cardigan + face mask.
some men with #RSAC2024 lanyards exited the elevator as I re-entered; they turned back to look at me and one said (very loudly, very pointedly staring at me) to the other, “I was like, did you hire me a hooker?”
if you are a man attending #rsac, please shut that kind of shit down when your peers do it. let’s not let insecurity rule our #security industry.
It was a pleasure to work with @RIOT_OS maintainers to contribute in making their RTOS more secure! https://infosec.exchange/@hnsec/112398919861504786
The way sentences containing the German character ß get longer when uppercased was specially designed to create memory problems in C programs doing string handling
finally made an "AI" category (https://www.web3isgoinggreat.com/?collection=ai) for @web3isgreat to capture all the disasters pertaining to AI-powered cryptocurrencies and cryptocurrency-powered AI
I'm proud to announce the launch of the public beta for Clew, my independent web search engine! 🎉🎉🎉
Try Clew: https://clew.se
Add to your browser: https://clew.se/add/
Clew maintains an independent index and is aiming to be a copyleft (APGLv3), self-hostable, privacy-respecting, customizable search engine which prioritizes independent creators/bloggers/writers and penalizes sites with ads and trackers.
Many features are yet to come. If you'd like to support Clew's development and server costs, you can donate to its Liberapay team: https://liberapay.com/Clew/
Boosts are very welcome, as is feedback of any kind!
Any sufficiently advanced systems thinking is indistinguishable from premature optimization
Medieval humor! 9 Astonishing Gargoyle Statues: https://streetartutopia.com/medieval-humor-9-astonishing-gargoyle-statues-a-blend-of-art-and-functionality-in-gothic-architecture/
-
Photo: At Abbey of Sainte Foy, Conques, France (c. 1107).
Kinda crazy that artificial intelligence needs the entire output of a nuclear reactor but actual intelligence can run on Twix bars and cocaine, for example.
I can finally talk about what we've been working on for the past two years(!)
Using #sigstore, GitHub now supports artifact signing, which allows you to create unforgeable provenance guarantees for any software you build inside Actions.
It's been a heck of a ride, & you can read more about (and learn how to use it) here:
https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/
protip: drawing a hilariously bad artwork in MS Paint with a mouse is a much stronger quality signal that you care about the blog post than attaching an obvious AI generation
Someone on Tumblr has made a concept for a Tarot Card deck made out of ISO hazard symbols and it goes hard:
https://www.tumblr.com/medusasstory/749203130036699136/this-is-a-nice-sign-to-look-at-1010-for
Edit: apparently this image was a WIP version, a final, printable version is available here: https://organical-mechanical.itch.io/iso-tarot
Good luck everyone!
#DEFCON #CTF
https://defcon.social/@nautilusinstitute/112344576931750426
😡 @EDPS is giving up on its @Mastodon and @peertube experiment because it couldn’t find an EU agency to continue operating it.
I hope @EU_Commission can find a new home for it before May 18th as the executive body.