Skip Navigation
Jump
Any sci-fi with aliens where humans are not the less advanced race?
  • If you haven’t read The Culture by Iain Banks, it’s among the best and most enjoyable sci-fi ever, in my opinion. The humans of the culture are quite near the most advanced in the universe, but there are entities more advanced, their own AI ships, prominently, but other species too that chose to “sublime” and exist outside of the normal universe, but because of that such ones are ever barely around. The humans of the culture could evolve that far too, but didn’t choose to do so yet in the series.

    6
  • Jump
    What can be done when the only admin of an instance goes missing?
  • Probably like me and our instance, it runs as an extra on a company server, there’s no risk of it going down, it’s negligible for costs.

    It’s just been one of the most popular months for vacation, gone on vacation, will update Lemmy instance to latest version when get around to it.

    8
  • Jump
    How do I avoid becoming a crotchety old man? I’m seriously asking.
  • Mirror the profile of actually happy, older people who have lives you would like to have.

    Take care of your health, eat well and exercise.

    Be successful: you don’t have to be rapacious, but there is a level of financial success and stability that definitely decreases stress and affords more opportunities, like travel and hobbies.

    Be social: the happiest people have strong social networks.

    Be wise: don’t worry about what you can’t change, but be engaged and try to make the world a better place.

    2
  • Jump
    Twitter traffic appears to be declining since the beginning of the 2023 calendar year
  • Does Twitter use Cloudflare? I hate anything Elon and want him to fail, but it would be kinda crazy for the CEO of a company I use services with to broadcast an embarrassing indicator to the world that my business isn’t going well.

    7
  • arstechnica.com 336,000 servers remain unpatched against critical Fortigate vulnerability

    69 percent of devices have yet to receive patch for flaw allowing remote code execution.

    Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company released three weeks ago.

    CVE-2023-27997 is a remote code execution in Fortigate VPNs, which are included in the company’s firewalls. The vulnerability, which stems from a heap overflow bug, has a severity rating of 9.8 out of 10. Fortinet released updates silently patching the flaw on June 8 and disclosed it four days later in an advisory that said it may have been exploited in targeted attacks. That same day, the US Cybersecurity and Infrastructure Security Administration added it to its catalog of known exploited vulnerabilities and gave federal agencies until Tuesday to patch it.

    0

    The Russian-linked hacktivist group NoName has been relentlessly targeting the Ukrainian financial sector in its latest campaign against the war-torn nation.

    “We will start today's journey with an attack on the financial sector of Ukraine,” the gang posted on their encrypted Telegram channel June 27.

    Since the threat actors edict four days ago, nearly a dozen major Ukrainian banks have been hit daily by the gang’s signature DDoS attack method.

    Targets include four of the nation's largest commercial banks, including First Ukrainian International Bank (PUMB), State Savings Bank of Ukraine (Oshchadbank), Credit Agricole Bank, and Universal Bank.

    The pro-Russian hacking conglomerate, official known in the security world as NoName057(16), said its latest campaign is aimed at disrupting Ukraine’s online banking Internet infrastructure.

    Besides claiming to have knocked several of the bank websites completely offline, the gang has also specifically gone after authorization services, login portals, customer service systems, and loan processing services.

    0
    https:// www.mitre.org /news-insights/impact-story/quick-response-initiative-brings-year-mitre-support-ukraine

    A year after the Russian invasion of Ukraine, MITRE efforts to develop and deliver needed technology and relief endure, and grow, helping the people on the ground who need it most .

    When Russian forces invaded Ukraine, SpaceX sent Starlink satellite internet kits to counter Russian attacks disrupting the country’s internet service. But Starlink technology needs a reliable power source and secure connection to the satellite constellation that processes communications signals. The designers didn’t intend it to be portable or to function in a war zone. Humanitarian and aid-group relief workers in Ukraine needed a system with added resilience.

    Enter MITRE. Engineer Joseph Roth and team designed the Starlink Advantage kit to provide energy-independent, reliable access that incorporates cybersecurity, as well as protection from physical targeting. A tote can hold all the components: a terminal providing 100+ mbps internet speed, a VPN-secured Wi-Fi router, a battery-powered/solar panel generator, a laptop, a car adapter, and technology to protect the network from missile strikes.

    0
    www.microsoft.com IoT devices and Linux-based systems targeted by OpenSSH trojan campaign | Microsoft Security Blog

    Microsoft has uncovered an attack leveraging custom and open-source tools to target internet-facing IoT devices and Linux-based systems. The attack involves deploying a patched version of OpenSSH on affected devices to allow root login and the hijack of SSH credentials.

    Microsoft researchers have recently discovered an attack leveraging custom and open-source tools to target internet-facing Linux-based systems and IoT devices. The attack uses a patched version of OpenSSH to take control of impacted devices and install cryptomining malware.

    Utilizing an established criminal infrastructure that has incorporated the use of a Southeast Asian financial institution’s subdomain as a command and control (C2) server, the threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal device resources for mining operations. The backdoor also installs a patched version of OpenSSH on affected devices, allowing threat actors to hijack SSH credentials, move laterally within the network, and conceal malicious SSH connections. The complexity and scope of this attack are indicative of the efforts attackers make to evade detection.

    0
    flashpoint.io Days of Chaos: How OSINT Helps Us Understand the Putin-Prigozhin Schism

    Over the course of two days, social media and messaging platforms like Telegram played a key role in understanding events, rumors, and ideas surrounding the Putin-Prigozhin schism.

    0
    therecord.media SolarWinds says SEC investigation ‘progressing to charges’

    SolarWinds — the technology firm at the center of a December 2020 hack that affected multiple U.S. government agencies — said its executives may soon face charges from the U.S. Securities and Exchange Commission (SEC) for its response to the incident.

    SolarWinds — the technology firm at the center of a December 2020 hack that affected multiple U.S. government agencies — said its executives may soon face charges from the U.S. Securities and Exchange Commission (SEC) for its response to the incident.

    The widespread hack – which the U.S. government attributed to the Russian Foreign Intelligence Service – affected several large companies as well as the Defense Department, Justice Department, Commerce Department, Treasury Department, the Department of Homeland Security, the State Department, the Department of Energy and more.

    Hackers found a way to insert malware into a version of the company’s Orion IT monitoring application, allowing Russian operatives to gain a foothold in high-value targets. They used the access to deploy additional malware to compromise internal and cloud-based systems and steal sensitive information over several months.

    0
    cyberscoop.com Hackers attack Russian satellite telecom provider, claim affiliation with Wagner Group

    The attackers released nearly 700 files associated with the attack.

    Unidentified hackers claimed to have targeted Dozor, a satellite telecommunications provider that services power lines, oil fields, Russian military units and the Federal Security Service (FSB), among others, according to a message posted to Telegram late Wednesday night.

    “The DoZor satellite provider (Amtel group of companies), which serves power lines, oil fields, military units of the Russian Defense Ministry, the Federal Security Service, the pension fund and many other projects, including the northern merchant fleet and the Bilibino nuclear power plant, went to rest,” the group’s first message read, according to a translation. “Part of the satellite terminals failed, the switches rebooted, the information on the servers was destroyed.”

    0
    thehackernews.com Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

    Microsoft exposes a surge in credential-stealing attacks by Russian hacker group Midnight Blizzard.

    Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard.

    The intrusions, which made use of residential proxy services to obfuscate the source IP address of the attacks, target governments, IT service providers, NGOs, defense, and critical manufacturing sectors, the tech giant's threat intelligence team said.

    Midnight Blizzard, formerly known as Nobelium, is also tracked under the monikers APT29, Cozy Bear, Iron Hemlock, and The Dukes.

    The group, which drew worldwide attention for the SolarWinds supply chain compromise in December 2020, has continued to rely on unseen tooling in its targeted attacks aimed at foreign ministries and diplomatic entities.

    0
    www.tripwire.com BlackLotus bootkit patch may bring "false sense of security", warns NSA

    The NSA has published a guide about how to mitigate against attacks involving the BlackLotus bootkit malware.

    BlackLotus is a sophisticated piece of malware that can infect a computer's low-level firmware, bypassing the Secure Boot defences built into Windows 10 and Windows 11, and allowing the execution of malicious code before a PC's operating system and security defences have loaded.

    In this way, attackers could disable security measures such as BitLocker and Windows Defender, without triggering alarms, and deploy BlackLotus's built-in protection against the bootkit's own removal.

    Although Microsoft issued a patch for the flaw in Secure Boot back in January 2022, its exploitation remains possible as the affected, validly-signed binaries have not been added to the UEFI revocation list.

    Earlier this year, security researchers explained how BlackLotus was taking advantage of this, "bringing its own copies of legitimate – but vulnerable – binaries to the system in order to exploit the vulnerability."

    According to the NSA, there is "significant confusion" about the threat posed by BlackLotus:

    “Some organizations use terms like 'unstoppable,' 'unkillable,' and 'unpatchable' to describe the threat. Other organizations believe there is no threat due to patches that Microsoft released in January 2022 and early 2023 for supported versions of Windows. The risk exists somewhere between both extremes."

    According to the NSA's advisory, patching Windows 10 and Windows 11 against the vulnerabilities is only "a good first step."

    In its mitigation guide, the agency details additional steps for hardening systems.

    However, as they involve changes to how UEFI Secure Boot is configured they should be undertaken with caution - as they cannot be reversed once activated, and could leave current Windows boot media unusable if mistakes are made.

    "Protecting systems against BlackLotus is not a simple fix," said NSA platform security analyst Zachary Blum.

    0
    www.darkreading.com China's 'Volt Typhoon' APT Now Exploits Zoho ManageEngine

    A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting an old RCE flaw and wiping logs to cover their tracks.

    The recently discovered Chinese state-backed advanced persistent threat (APT) "Volt Typhoon," aka "Vanguard Panda," has been spotted using a critical vulnerability in Zoho's ManageEngine ADSelfService Plus, a single sign-on and password management solution. And it's now sporting plenty of previously undisclosed stealth mechanisms.

    Volt Typhoon came to the fore last month, thanks to joint reports from Microsoft and various government agencies. The reports highlighted the group's infection of critical infrastructure in the Pacific region, to be used as a possible future beachhead in the event of conflict with Taiwan.

    0
    cyberscoop.com Apple issues emergency patch to address alleged spyware vulnerability

    The fix follows allegations from a Russian intelligence service that an intentional flaw in iPhones provided a gateway for American espionage.

    Apple issued a security update on Wednesday for all its operating systems to patch dangerous vulnerabilities that could allow attackers to take over someone’s entire device.

    The vulnerabilities in question, first revealed on June 1, appeared to have led the main Russian intelligence agency to make unusually public claims that Apple intentionally left the flaws in its iOS so the National Security Agency and other U.S. entities could compromise “thousands” of iPhones in Russia. Apple has denied those claims.

    The charges from the Federal Security Service, or FSB, came the same day that researchers with cybersecurity firm Kaspersky published a report detailing what they said was an “ongoing” zero-click iMessage exploit campaign dubbed “Operation Triangulation” targeting iOS that allowed attackers to run code on phones with root privileges, among other capabilities. Kaspersky published an additional analysis Wednesday, saying that after roughly six months of collecting and analyzing the data, “we have finished analyzing the spyware implant and are ready to share the details.”

    0
    www.csoonline.com How CISOs can balance the risks and benefits of AI

    Rapid growth and development of AI is pushing the limits of cybersecurity and CISOs must take charge now to be ahead of a range of risks including data leak, compliance and prompt injection attacks.

    The rapid pace of change in AI makes it difficult to weigh the technology's risks and benefits and CISOs should not wait to take charge of the situation. Risks range from prompt injection attacks, data leakage, and governance and compliance.

    All AI projects have these issues to some extent, but the rapid growth and deployment of generative AI is stressing the limits of existing controls while also opening new lines of vulnerability.

    If market research is any indication of where the use of AI is going, CISOs can expect 70% of organizations to explore generative AI driven by the use of ChatGPT. Nearly all business leaders say their company is prioritizing at least one initiative related to AI systems in the near term, according to a May PricewaterhouseCoopers’ report.

    0
    informationsecuritybuzz.com The Role Of Impactful Penetration Testing Amid Rise Of AI-Powered Threat Actors

    It’s no secret that penetration testing is among the most effective methodologies for helping determine an organization’s risk posture.

    The rise of ChatGPT has been well-documented as a cybercrime gamechanger, democratizing highly advanced tactics, techniques, and procedures (TTPs) so average adversarial threat actors can increase lethality at low costs. Empowering run-of-the-mill hackers to continuously punch above their weight class will only continue to amplify the volume and velocity of attacks. heightening the importance of effective penetration testing programs that help mitigate the severe business impact of breaches. On average, victims lost a record-high $9.4 million per breach in 2022.

    Compounding the issue is a pattern of poor security posture across the public and private sectors. SANS 2022 Ethical Hacking Survey found that more than three-quarters of respondents indicated “only a few or some” organizations have effective Network Detection and Response (NDR) capabilities in place to stop an attack in real-time. Furthermore, nearly 50% said that most organizations are either moderately or highly incapable of detecting and preventing cloud- and application-specific breaches. It’s clear that more must be done to swing the balance of power away from adversaries.

    Enter penetration testing, which can provide unrivalled contextual awareness for refining cyber defences, threat remediation, and recovery processes within an overarching risk management architecture. For organizations implementing penetration testing programs at scale, keep the following fundamental tenets top of mind to maximize impact.

    0
    www.helpnetsecurity.com Week in review: Microsoft confirms DDoS attacks on M365 and Azure Portal, Infosecurity Europe 2023 - Help Net Security

    Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unraveling the multifaceted threats facing telecom

    Microsoft Teams vulnerability allows attackers to deliver malware to employees Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox.

    Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild.

    VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild.

    0