Doing the cybersec work in Norway | both blue and red team experience Crazy cat gentleman
Lurks more than posts
Lars Erik Braatveit
- 30 Followers
- 128 Following
- 392 Posts
C J Silverio
JenniferplusplusI wrote about AI again. On some level I don't now why I do this to myself
https://jenniferplusplus.com/what-is-a-token/
Actually, I wrote most of it months ago, for work. But, it was well received, so I put it on my blog. This is the more generic version.
The short version is that AI is not magic. It's a real phenomenon with real behavior and tradeoffs. I'm deeply tired of *****ALL***** the tradeoffs being handwaved away. And so much imagination fills in for the actual behavior. So I tried to describe how it's built, because that informs how it works, which informs what it actually does. And to be clear, it does things. It's not useless. But that's not the same as being useful, or worthwhile.
Anyway, I already put ~4k words on this in the article, so I'll shut up and let it speak for itself.
@cR0w There is a small «The Cisco PSIRT is aware of limited exploitation of this vulnerability.» on https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
Cisco Security Advisory: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
@cR0w Cisco Talos says it was : https://blog.talosintelligence.com/uat-8616-sd-wan/
Active exploitation of Cisco Catalyst SD-WAN by UAT-8616
Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges.
Cisco SD-WAN vulns
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v - score 9.8
Cisco Security Advisory: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
K. Reid Wightman 
🌻 
Our site admin (@jerry) is about to get walloped with additional hosting fees, thanks to the great AIpocalypse that is messing up everything with datacenter costs.
I love the fediverse because there are no bullshit targeted ads and no bullshit algorithm-boosted messaging. Just a bunch of humans running servers. The downside of this is there is very little money in running servers and they cost more and more to keep going.
I increased my donation a bit today to help keep up with the costs.
Consult your instance admin for where to donate. In our case you can look at Jerry's profile for the official donation places. If you can afford to donate please do. If you can afford to increase your donation, please do that too.
TaggartIn which I go full foil hat...or do I?
The plan sounds crazy until you realize how crazy the plan has already been.
LutrisLutris 0.5.20 is out!
Proton-GE is now used by default via the umu launcher plus new runners and many fixes!
@d_yellowlees @wendynather Perhaps small cat pictures in the corner of every slide. I have enough cat photos on my phone to last me many many many presentations
@d_yellowlees @wendynather But but but! Where am I to put pictures of my cats and also talk about them?