OH:
- What does "EBITDA" mean?
- "Earnings Before Iran, Tariffs, and Donald Announcements".
OH:
- What does "EBITDA" mean?
- "Earnings Before Iran, Tariffs, and Donald Announcements".
Kaspersky has found quarter a million potential security issues in popular GitHub Actions that could lead to supply-chain attacks.
"Potential Threat: misconfigurations in GitHub Actions":
https://www.kaspersky.com/blog/github-actions-security-research/56019/
@briankrebs
Tired: The Chinese are spying on everybody via their TVs.
Wired: The Israelis are spying on everybody via the Chinese TVs.
@ryanc Put that later in the thread.
Some perspective:
"Questions for the Jedi Vice-Chair of Graduate Studies":
https://www.mcsweeneys.net/articles/questions-for-the-jedi-vice-chair-of-graduate-studies
Not sure if this is real but it sure is funny.
@GossiTheDog I have the impression that you needed some kind of permission/acknowledgement before starting to record a Teams meeting?
This is a hilarious commentary on the US/Israeli war with Iran:
"God is a comedian":
@aral Your screenshot is from mobile, mine is from desktop. That's why I supposed that the two may be offering different kinds of access.
@aral At least for Twitter, this is not true. Yeah, the page exhorts you to create an account - but it *does* show the post. At least on desktop; maybe it's different on mobile.
Trump's efficiency.
@GossiTheDog Do we really know who hit the school? Was it the USA because the AI hallucinated a target, or was it Israel because they don't give a fuck?
I hear the US military lost 3 jets to friendly fire over Kuwait. I also hear the US military is using AI. I can just see the interaction:
Slots machine vs vibe colding.
@gcluley Santa Claus is referenced several times there. What a pervert, eh?
"British Army paratrooper regiment face being sent into battle without parachutes as part of latest cost-cutting measures":
https://www.gbnews.com/news/british-army-paratroopers-no-parachutes-defence-cuts
@GossiTheDog I don't see how threatening his wife gives the US any leverage against Venezuela. Most Venezuelans are probably happy to be rid of both Maduro and his wife (although just probably would rather that this didn't involve a military invasion).
@malwaretech Ah, not quite.
The thing is, in order to do what it needs to do, AV *needs* to have kernel access. It's just that the way Windows is designed, there is no other way. (Maybe something can be done with eBPF technology but I'm not sufficiently familiar with it to tell for sure and it didn't exist back then anyway.)
Microsoft had a point - it was better if third parties didn't have this kind of access, because they could mess up things for the OS very badly. So, they tried to kick us out - not to eliminate the competition but because it make the OS more stable.
Of course, we didn't want to be driven out of business. But we knew from experience that reasoning with Microsoft was pointless, so we used lawyering.
By chance, at that time Microsoft had their own AV. Which, of course, used all kinds of undocumented APIs to do what it needed to do - APIs that we didn't have access to. So, we used the argument that Microsoft is trying to be anti-competitive. They weren't but it didn't matter. They couldn't be reasoned with, there was no other way for us to do our job, they were already scared by the anti-trust lawsuit in the USA, so they gave up and let us do what we wanted.
@GossiTheDog None here. (If I understand correctly, using the exploit would generate many connections and nothing else.) Not even authentication attempts. Just a few IPs running commands (buildinfo, listDatabases, ismaster, etc.) without prior authentication.
They seem to be looking for databases exposed to the Internet and not protected in any way? Unless something's wrong with the honeypot...
Anti-virus, malware and infosec expert, crypto amateur, privacy advocate and general annoyance.PGP keyID: 0x365697c632dd98d9
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.