evilstevie @evilstevie@mastod1.ddns.net

choose your gender

Now I’m ready to learn about this fancy “computer programming” stuff I have heard so much about.

Doctor Who’s got a Tardis and it is fucking ace
It takes its name from the acronym for Time And Relative Dimensions In Space
He uses it for getting about to do battle with cosmic crime
It’s powered by a big round bumpy thing that propels it through space and time
It goes [VWOORP] when it starts
and [VWOORP] when it stops
These sounds bought to you courtesy of the BBC Radiophonic Workshop
-Observations On Time Travel, Doghorse

I mentioned the titanic at lunch today about the rusting rail, and someone asked if some billionaires had died and then joked about sacrificing bilionaires to the ocean gods.

@simontatham I use miniDLNA, but I do not point it at the media folder, instead I point it at a folder full of hand-crafted folders-of-symbolic-links pointing at a subset of the media folders/files. It's an elaborate and arcane solution but formed of simple and familiar elements, and it works for me.

Remote meeting tip. If you blow on your mug from time to time people never suspect that it contains wine.

MAGA: Immigrants want to eat your dogs!

RFK Jr: *coughs up hairball and collar*

Kamala Harris can easily win tonight's debate if she plays her cards right. Wear a shiny outfit. Bring a fidget spinner to the podium. Reach over to Donald and pull a nickel out from behind his ear. The goal here isn't to outsmart a political rival. It is to distract a large toddler.

Excalibeurre

Half of a crisp sandwich in front of Crisp Walk sign
#DailyCrispSandwich https://vole.wtf/buttystock/~mark-norman-francis/3/

TIL Albert Einstein was a real person. I'd always thought he was a theoretical physicist.

Tewkesbury Borough Council are on day 5 of containment for their cyber incident. Media reporting suggests they have called in GCHQ, who are local to them (it’s probably more they just reported it to NCSC).

In their updated FAQ they ask the press to stop calling them about it.

From network traffic it looks like a crimeware group. #threatintel

Halliburton are still trying to recover from their ‘cyber incident’, day 18. #threatintel

Universal Cereal Bus

@Em0nM4stodon
That EU law does not require a #CookieBanner unless the web site wants to track your clicks or sell your data.

Because people do not understand this, they think "stupid EU law" instead of...

- "website owner has no respect for consumer rights"
- "website owner has no solid business plan and just hopes for a few bucks from the advertisement industry"

#GDPR

I was just thinking to myself "How? How can I be associated in any way with orange demagogues?" & an image popped into my head, alongside the question "hang on - did I make a wotsit man in a red tie & wig?"

Anyhow, I am dashing off again now but I'm kind of glad I found this first 😆

New strap line for the website "mocking orange politicians since 2005".

#animation #silly #nonsense

"The modern era of AI calls for a risk-based approach to regulation"

No it doesn't. It calls for a consequences approach to regulation.

If your system harms someone, you decided to build and deploy it and so you are liable for damages and redress proportionate to the harm. Same as if it was a tractor. Or a cow.

Cisco security advisories includes a zero-day:

Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability
CVE-2024-20430 (7.3 medium) incorrect handling of directory search paths (CWE-427: Uncontrolled Search Path Element) to EoP
Cisco Smart Licensing Utility VulnerabilitiesCVE-2024-20439 (9.8 critical) Cisco Smart Licensing Utility Static Credential Vulnerability
CVE-2024-20440 (9.8 critical) Cisco Smart Licensing Utility Information Disclosure Vulnerability
Cisco Identity Services Engine Command Injection Vulnerability
CVE-2024-20469 (6.0 medium) insufficient validation of user-supplied input to authenticated command injection (the attacker must have valid Administrator privileges)The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.
Cisco Expressway Edge Improper Authorization Vulnerability
CVE-2024-20497 (4.3 medium) inadequate authorization checks for Mobile and Remote Access (MRA) users could allow an attacker to intercept calls or make phone calls spoofing another phone number
Cisco Duo Epic for Hyperdrive Information Disclosure Vulnerability
CVE-2024-20503 (5.5 medium) improper storage of an unencrypted registry key could allow an authenticated, local attacker to view sensitive information in cleartext

cc: @campuscodi @briankrebs @mttaggart @deepthoughts10 @cR0w @regnil @bschwifty @arinc629 @Cali @wvu @hrbrmstr @avoidthehack @bieberium @TheDustinChilds @dreadpir8robots (make sure to remove all the mentions to avoid ReplyAll madness)

#zeroday #cisco #patchtuesday #vulnerability #CVE_2024_20469 #cve

asking linux to be quiet: ssh

@SwiftOnSecurity Watch where they get wet when they see a guillotine.