Are you looking forward to any streaming shows?
Eh - maybe just one.
#Fallout4 #FalloutSeason2 #NexusMods

Whatcha thinking about there, kitty?

Oh man, so I'm looking to relax and put on some #StarTrek. Next up in the queue is #STNG S7E18, "Eye of the Beholder", and WHAM deep talk about #suicide . Listening to Data relate his exp…

LOL #LibreOffice na #macOS jest w #AppStore za 39.99 zł 🤣 Oczywiście przy instalacji z .dmg pobranego ze strony projektu jest za darmo.

The Register commenters FTW again 🙂
#Copilot #Microsoft

As brachiosaurus could reach a height of 1216 meters, eh? That's like a quarter of Mount Everest

When you're trying to get #Google to help them fix a problem they have in relaying an email to a list (they are forwarding as if it they are originating your non-GMail email, thus incurring an SPF failure) their helpful support team to the rescue (see image attached).
FYI... the second thing they want is a screen cap of the client SMTP config.
Very temped to send a screenshot wit…

And now that I'm below poly, I think it's time to give my microscope a well-deserved break from the near-constant imaging it's been doing the past few weeks.
369963 photos totaling 203.4 GB. Over a hundred hours of imaging time averaging around 3000 photos an hour. 27 etch cycles, 72 imaging runs.
I'll start shooting some analysis video later today talking about the device floorplan and such. But as a teaser, here's the final image just after stripping poly bu…

Before you leave for the weekend (or maybe even a long holiday break), make sure you check out today's Metacurity for the most critical infosec developments you should know, including
--The UK Foreign Office was hacked in October
--Delay in keystroke led Amazon to imposter discovery,
--A second suspect was arrested in an attempted Italian ferry malware attack,
--Denmark blames Russia for destructive cyberattacks,
--LongNosedGoblin is targeting SE Asian and Ja…

The UK Foreign Office was hacked in October
Delay in keystroke led Amazon to imposter discovery, A second suspect was arrested in an attempted Italian ferry malware attack, Denmark blames Russia for destructive cyberattacks, LongNosedGoblin is targeting SE Asian and Japanese governments, NHS tech company hit with cyber incident, much more

From @…:
https://gothamist.com/news/lawmakers-arrested-demanding-entry-to-immigrant-deten…

Lawmakers arrested demanding entry to immigrant detention at 26 Federal Plaza in Manhattan
City Comptroller Brad Lander was among those arrested.

Folks, I have a friend's internal hard drive here that is likely still good, but will not mount. There are family photos on it. What are good solutions for this, especially in the Seattle area? I'd like to hand-deliver if possible.

Gary rocks!

After #cloudflare , GitHub seems to have also some issues tonight.
#github #internet

#meme

A good friend of mine has the Muppet character "Beaker" as his avatar. For reasons.
He offers me advice. I offer him advice. We chat. These are #ChatsWithBeaker
#AWS #awsuseast1

Czy ktoś mi może potwierdzić co dokładnie widać w świetle latarki? Czy to drobinki wody potocznie zwane mgłą czy też jakiś syf w powietrzu?

Suspicions in the crypto community point to AI-supported hackers carrying out a concentrated campaign to steal around $5 million in old and sometimes abandoned DeFi projects.
Is an AI hacker targeting old DeFi projects in $5M spree?
https://protos.com/is-an-ai-hacker-tar

Is an AI hacker targeting old DeFi projects in $5M spree?
Old Ribbon Finance, Yearn Finance and Rari Capital contracts were hacked. Are attackers using AI to scan for missed opportunities in DeFi?

:3

Monday jam: R.L. Burnside | It's Bad You Know | #blues

It's Bad You Know by R.L. Burnside
Listen now on your favorite streaming service. Powered by Songlink/Odesli, an on-demand, customizable smart link service to help you share songs, albums, podcasts and more.

RE: https://infosec.exchange/@saraislet/115409648180155252
I should write a talk on cloud security vs bear metal security
Something like this:
"I'm Sarai Rosenberg, and I've been responsible for securing one of the largest cloud …

As usual, STMicro makes silicon I mostly like, but I don't like their packages.
Here's the STM32MP257 TFBGA436 package with balls color coded (somewhat roughly) by power domain/function. I grouped some similar rails together e.g. all low voltage digital core balls are the same color (orange) even though there's multiple 0.8 / 0.82 / 0.9V domains there. All IO power (except dedicated PHY rails) is magenta regardless of which bank(s) it's for.
Things of note:
…

#BetterBeBertaBeef #Letterkenny

Meow Meow Meow :3

So the foreign power (cough, cough, Russia) might have tried to hack two Italian ferries.
Authorities in Naples arrested a second Latvian national on board a vessel in Naples, raising the prospect that two different ships may have been involved
https://maritime-executive.com/arti…

Second Seafarer Arrested in Ferry Malware Case
 Italian police have arrested a second Latvian suspect in connection with an attempted malware attack aboard a Mediterranean ferry, expanding the inte...

This tree ornament sure is hard to photograph

Właśnie się zorientowałem, że #Synology wycofało aplikację #SynologyDrive z #macOS… Z tego co widzę nie ma żadnej oficjalnej alternatywy. Jak zatem teraz mam się łączyć z moim nosem na MacBooku?…

STM32MP2 update: I think I have a pretty decent idea of how to boot the second A35 core (core 1) once I have core 0 running.
Still working on how to start core 0 so I can get to that point.
I'm just gonna go out on a limb here and say this probably isn't how ST intends you to figure out the boot chain though...

#ShamelesslyStolenFromTumblr

The cyber news machine never stops cranking away, so check out today's Metacurity for the most critical infosec developments you should know, including
--The US, UK, and Australia sanction Russian bulletproof hosting providers,
--Alice Guo sentenced to life for running scam compound,
--Samourai Wallet operator sentenced to four years,
--SK Telecom rejects breach mediation proposal,
--USBP is massively surveilling Americans,
--Trump to preempt state AI …

The US, UK, and Australia sanction Russian bulletproof hosting providers
Alice Guo sentenced to life for running scam compound, Samourai Wallet operator sentenced to four years, SK Telecom rejects breach mediation proposal, USBP is massively surveilling Americans, Trump to preempt state AI safety laws, Eternidade Stealer gets more aggressive in Brazil, much more

:blep:

An artist and their helper

#ShamelesslyStolenFromTumblr

Continuing work on the PIC12F683 video. Ripped out all of the early rambling guesswork floorplan analysis I did on the top metal and replaced it with a much more in-depth floorplan discussion looking at the substrate-level floorplan.
Video is now just shy of an hour 20 in length and I still need to add:
* Quick intro to digital CMOS layout and standard cells (planning to film this tonight)
* Deep dive on SRAM
* Deep dive on flash
* Deep dive on fuses/configuration…

Alice Guo, Chinese national who ran huge scam centre while Philippines mayor, sentenced to life in prison
https://www.theguardian.com/world/2025/nov/20/alice-guo-chinese-nat…

Alice Guo, Chinese national who ran huge scam centre while Philippines mayor, sentenced to life in prison
Guo, who pretended to be Filipina to become mayor, found guilty of human trafficking after raid on compound where more than 700 people were forced to run scams

#protip dla migrujących #Signal
Na obu telefonach zaktualizuj aplikację do najnowszej wersji, bo inaczej po zeskanowania kodu QR wyskoczy błąd. Niestety appka nie podsuwa prostego rozwiązania "zaktualizuj mnie" tylko musisz się domyślić. Żona przez tydzień nie mogła zmigrować, bo na s…

What's the best way to get these back in the case? :neocat_woozy:

#ShamelesslyStolenFromTumblr

The US and the UK and Australia are going after bulletproof hosting companies.
United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware
https://home.treasury.gov/news/press-releases/sb0319

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware
.caption > figcaption { text-align: center; font-style: italic; } WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade, and the United Kingdom’s Foreign Commonwealth and Development Office are announcing coordinated sanctions targeting Media Land, a Russia-based bulletproof hosting (BPH) service provider, for its role in supporting ransomware operations and other forms of cybercrime.  OFAC is a…

Browsing my timeline

Tak wiele ciekawostek związanych z #macOS omijało mnie poprzez automatyczne migrowanie z jednego #Macbook na drugi. Dopiero teraz, gdy stwierdziłem, że zrobię wszystko od nowa, bo pora na katharsis, to odkrywam kwiatki.

Uh, Cait - we probably need to talk about your bodycount. . .
#Fallout4

:finger_point:⁠boop

Check out today's Metacurity for the most critical cybersecurity developments you should know, including
--MI5 warns that China uses LinkedIn to recruit and compromise lawmakers,
--WhatsApp feature can extract 3.5B users' phone numbers,
--Police raid KT for allegedly hiding breach evidence,
--Beijing rumors cost TP-Link $1B,
--LG Energy Solution was hit by a cyberattack,
--Airlines won't sell passenger data to the US,
--Toronto schools wer…

MI5 warns that China uses LinkedIn to recruit and compromise lawmakers
WhatsApp feature can extract 3.5B users' phone numbers, Police raid KT for allegedly hiding breach evidence, Beijing rumors cost TP-Link $1B, LG Energy Solution was hit by a cyberattack, Airlines won't sell passenger data to the US, Toronto schools weren't prepared for PowerSchool breach, much more

FACT: 90% of belly rub addicts quit right before they're about to feel the best belly floof ever.

All those allegations that China is using TP-Link routers to spy or to lay the groundworks for attacks or whatever have cost the California-based but Chinese-owned company $1 billion, according to a lawsuit filed by TP-Link against Netgear.
Fwiw, the allegations began in Washington and were wholly unfounded, but that hasn't slowed the drumbeat to ban TP-Link.

No evidence that TP-Link routers are a Chinese security threat
Despite a request for a US government investigation into Chinese-made TP-Link, evidence presented by a US House committee fails to support allegations they are a national security risk, experts say.

Playing the kitty bagpipes

Cat butt coffee mug 🧐

Totally behind a paywall but Scott Horton @robertscotthorton.bsky.social summarizes the article as follows: Dutch intelligence suspends sharing arrangements with the US after concluding that high level intel was routinely being shared by the White House with their friends in the Kremlin.

Nederlandse diensten delen minder informatie met de VS: ‘Soms vertellen we dingen niet meer’
Het aantal dreigingen dat op Nederland afkomt is groot, zien de hoofden van de AIVD en de MIVD elke dag: niet alleen Russische agressie, maar ook de opmars van China als digitale macht en binnenlands terrorisme. En dan worden de inlichtingenbanden met de VS ook nog gewogen.

It's time for your purrformance review.

Another airline hit by a criminal extortion group, this time Clop.
Regional airline Envoy Air confirms Oracle E-Business Suite compromise
https://therecord.media/regional-airline-envoy-oracle

Regional airline Envoy Air confirms Oracle E-Business Suite compromise
The regional American airline Envoy Air confirmed that its IT system was impacted by a recent hacking campaign targeting Oracle E-Business Suite.

Booby trap!

So - babysitting the sister's dog while they're out of town checking out universities for the nephews. Finally got these two to get along and they crashed for the night.
Well - at 03:20 this morning - there was a cacophony in the back yard, and these two idiots ran up there and started barking. As it turns out - there was a young man wearing a hoodie and nothing else - yelling and cursing, eventually throwing around the lawn chairs that were in the back yard.
He tried a…

OYO Hotel & Casino Las Vegas (formerly Hooters Hotel & Casino) was hit by a ransomware attack in January. Apparently, LockBit was the culprit.
https://www.casino.org/news/another-las-vegas-casino-suffered-major-data-breach-in-january/

Another Las Vegas Casino Suffered Major Cyberattack — Back in January
The OYO Hotel & Casino Las Vegas (formerly Hooters Hotel & Casino) suffered a significant cyberattack in January 2025, according to court filings first reported by Crain's New York Business on October 14, 2025. The resulting data breach reportedly compromised the personal information of 4,700 casino and hotel guests and employees. The cyber attack surfaced

Hackers expose identities of 17 Israeli military scientists
https://en.mehrnews.com/news/237838/Hackers-expose-identities-of-17-Israeli-military-scientists

Hackers expose identities of 17 Israeli military scientists
TEHRAN, Oct. 19 (MNA) – The hacker group known as “Handala” has, for the first time, released the identities and personal details of 17 senior Israeli military scientists

😆
Six hacker wallets sold ETH during the crypto crash on October 10, locking in heavy losses and rebuying at higher prices.
Hackers Lost $13M in ETH After Panic Selling and Rebuying at Higher Prices
https://coincentral.com/hackers-lost-1

Hackers Lost $13M in ETH After Panic Selling and Rebuying
Hackers lost $13.4M in ETH by selling low and buying high during the Oct. 10 crypto market crash, blockchain data reveals.

TAS for Zork I 100% on Apple II (2025-07-29)
:blinking_cursor: https://tasvideos.org/Forum/Posts/537196

Post by Sand
MS-DOS Games → Zork (no, really!) Subject: Baseline TAS for Apple II Here's a first draft of a TAS of Zork I for Apple II. It uses revision 88 of the game, which, according to a survey by Data Driven Gamer, is "by far the most widely distributed version". The total time is 18871 frames or 5:14.52, in 258 moves. User movie #638893574504520990 (Since this TAS is for Apple II, I debated about whether to add it to this thread here in the

According to the Daily Mail, Russian hackers have stolen hundreds of sensitive military documents containing details of eight RAF and Royal Navy bases as well as Ministry of Defence staff names and emails and posted them on the dark web.
https://www.dailymail.co.uk/news/…

'Catastrophic' attack as Russians hack files on EIGHT MoD bases and post them on the dark web
In what has been described as a 'catastrophic' security breach, cybercriminals accessed the cache of files by hacking a maintenance contractor used by the MoD.

Oi brain... Stop that.
https://xkcd.com/390

Nightmares

Cybersecurity is never not insanely busy so check out today's Metacurity for the most critical infosec developments you might have missed over the weekend, including
--China says the US attacked mobile devices of timekeeping agency,
--F5 hackers lurked in company's systems for years,
--Cyberattack on supplier is disrupting Japanese retailers,
--Russian hackers stole sensitive UK military documents,
--Envoy Air hacked by Clop,
--Pro-Palestine hackers…

China says the US attacked mobile devices of timekeeping agency
F5 hackers lurked in company's systems for years, Cyberattack on supplier is disrupting Japanese retailers, Russian hackers stole sensitive UK military documents, Envoy Air hacked by Clop, Pro-Palestine hackers expose top Israeli military researchers, much more

Holy sh*t, what timing. The National Nuclear Security Administration, or NNSA, is furloughing 1,400 people on a day that I broke the story that a foreign threat actor infiltrated the NNSA's Kansas City manufacturing plant.
This story broke after my exclusive on how foreign threat actors infiltrated the NNSA''s Kansas City plant went live.

Federal agency overseeing US nuclear stockpile will furlough most of its workforce starting Monday
The federal agency responsible for overseeing and modernizing the US nuclear stockpile will furlough the vast majority of its staff Monday as the government shutdown drags on, according to the Department of Energy.

This has only happened once before, but today I have two big stories appearing in two publications.
The first, an exclusive which just kind of dropped in my lap, is my latest CSO piece, which reports that foreign threat actors infiltrated the Kansas City National Security Campus (KCNSC), a manufacturing facility that produces roughly 80% of the non-nuclear parts in the nation’s nuclear weapons stockpile.
Experts say this incident underscores the need to protect operational techn…

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws
A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through vulnerabilities in Microsoft’s SharePoint browser-based app, raising questions about the need to solidify further federal IT/OT security protections.

The official Xubuntu website was compromised over the weekend (18/19 October 2025) briefly serving up Windows malware to users trying to download the distro.
https://www.omgubuntu.co.uk/2025/10/xubuntu-website-malware-hack

Xubuntu Website Compromised, Served Malware Downloads - OMG! Ubuntu
The official Xubuntu website briefly served Windows malware to users trying to download the distro between 18-19 October. ISOs were not affected.

2025 was huge for the #Caturday
Mad respect to all the cats, pretty kitties, and human servants making this movement unstoppable

RE: https://infosec.exchange/@metacurity/115584342649529214
A district court judge dismissed most of the SEC’s claims in July 2024. SolarWinds and the SEC recently reached a settlement on the remaining charges.
The SEC's lawsuit was flimsy, …

What is your preferred gaming input device? :blobcatgamer:

... is when you try to get the kitty to catch the toy, right? :neocat_woozy:

This is great news, particularly for CISO Tim Brown, who unfairly paid a big price when the SEC wrongly brought charges against him.
"The US Securities and Exchange Commission today filed a joint stipulation with Defendants SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, to dismiss, with prejudice, the Commission’s ongoing civil enforcement action."

RE: https://mastodon.social/@LanceJZ/115753199788467220
Me after working (an hour) at the Hard Day factory

I Can Believe It's Not Butter, But Choose Not To

boops @…

Steals your dairy products
Now it's nacho cheese!

"Ryan Clifford Goldberg, a former incident response supervisor at Sygnia Consulting Ltd., and Kevin Tyler Martin, who was a ransomware negotiator for DigitalMint, pleaded guilty to one count each of conspiracy to interfere with commerce by extortion."
ht…

☞Liminality☜

Them: *holding a kitten* Do you want to see the rest of them in my unmarked van down that alley?
Me: Just who do you take me for!? Of course I want to see!!

I've said this before, but all these publications that write news stories about what ransomware and other threat actors claim on their leak sites are a scourge on cybersecurity reporting. They are posting false brags and playing right into threat actors' hands. They should be ashamed.

Soneone stole my Burger King order 😿

Good piece on SolarWinds' Tim Brown that illustrates the emotional damage cyber incidents pose to defenders.
‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack
https://www.theguardian.com/technology/202

✨ Chat with your Deleted Files?

Vocus, the parent company for Dodo and iPrimus, said in a statement that 1600 home internet and mobile customers had been affected by a hack on the businesses email and mobile services.
Fourth largest telco confirms cybersecurity breach impacting 1600 Aussies

RE: https://mastodon.social/@nixCraft/115581683201654524
Be careful out there everyone. I had my Samsung Galaxy in my car and someone broke in and left 2 more!

So my other big piece of the day is an inside look at the struggle for the future of the CVE program that just went live at CyberScoop.
Many thanks to Jay Jacobs of Empirical Security, Nick Leiserson of the Institute for Security and Technology, Mitchel Herckis of Wiz, Brian Fox of Sonatype, Peter Allor of the CVE Foundation, Ben Edwards of Bitsight and a few experts who go unnamed for their insight.

Maybe the real treasure was the pre-genAI videos and photos we collected along the way.

⚠️ Error: You must be online to delete local files.

Jupiter has 97 moons and an outrageous werewolf problem

💤

I'm glad I saved plenty of older cat videos and memes, now that AI is poisoning the sacred cat media.
I hate having to intensely scrutinize all the newer stuff. 😾

Which big tech service is going down next?

You might think Ben's fursona is a monkey (because of his username @…⁠), but it's actually bread 🍞

❌ Interior Design
👉 Ulterior Design

Why would you fire a fox?

[trying to flirt] Are you toxoplasma gondii infect cat poop, because you're altering my behavior and are hard to ignore sitting in the corner

ADHD: I struggle with repetitive things
Autism: I struggle with new things
AuDHD: I struggle...

Are you a Fediverse reward member?

cat-related immobility syndrome

These French Crown Jewels sure do look nice on my cats!

Any tree brought into the house is now property of the cat(s).
Law of the Kitty § 137.TR33

No snow? No problem! ⛄

Dora, the kitten, likes to nap in bowls. You might even say it's adorable...

Why tire yourself out bathing when you can oursource?

Fluffy kitty vs 7 very happy void puppies