Matthew Hackling

Bio: Matt is a cybersecurity architect in Australia

I am really not worried about what AI is capable of doing and much much more concerned with:

1. the financial bubble of AI

2. what companies that create AI are not telling the public or government

3. the real cost of AI in resources

#AI #tech #technology #futurism

Heads up: There's a critical vulnerability in Cisco ASA and FTD products that can lead to arbitrary code execution. Unlike many network device vulns that require access to an admin console, this just requires SSL VPN to be enabled on the device.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB
Cisco Security Advisory: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software section of this advisory.

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.

This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

Cisco has released software updates that address this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

For more information on the vulnerability that is described in this advisory, see Cisco Event Response: Continued Attacks Against Cisco Firewall Platforms.

Cisco

Signs U.S. Massing B-2 Spirit Bombers In Diego Garcia (Updated)
The U.S. is flowing in airpower to the Indian Ocean outpost as threats to Iran escalate and the bombing campaign against the Houthis grinds on.

https://www.twz.com/air/signs-u-s-massing-b-2-spirit-bombers-in-diego-garcia

Signs U.S. Massing B-2 Spirit Bombers In Diego Garcia

U.S. airpower is flowing to the Indian Ocean outpost as threats to Iran escalate and the bombing campaign against the Houthis grinds on.

The War Zone

@Janeishly 300 baud modem to mum’s mainframe then BBSs then PINE email in a terminal then NCSA Mosaic via Winsock on Windows 3.11 then AIX then Windows NT and Solaris ….

I'm really loving how Mastodon has become a refuge for all the grizzled seafarers on the ocean of the internet. They pop up in my feed and their bios all say something like

"I've been online for longer than the internet. I've seen things you people wouldn't believe. 56k modems on fire in the light of Usenet. I watched IRC forks glitter in the dark near the Gateway 3000. All those moments will be lost in slop, like tears in rain. Time to deshittify."

@krypt3ia the oligarchs love that regulatory capture

Looking back at it, maybe Myspace Tom was a good friend after all, given he sold the company and just went travelling with his money instead of trying to overthrow democracy.

Personal liability sours 70% of CISOs on their role

With responsibility versus authority a key CISO issue, many security execs express hesitancy in taking CISO positions, while security specialists suggest ways to protect them from taking the fall.

CSO Online

So which BeyondTrust product did threat actors abuse in the Treasury breach? Based on the description, seems like it was either Remote Support or Privileged Remote Access. Neither is great, but the latter seems a LOT worse.

If it is Privileged Remote Access, then these are probably either break glass systems/accounts or vendors providing support for specialized software.

In either case, I'd expect the fallout to be more significant than Treasury is currently indicating.

Talent overlooked: embracing neurodiversity in cybersecurity

Neurodiverse professionals’ strengths include creativity, attention to detail, hyper-focus and innovative problem-solving, skills highly sought in cybersecurity.

CSO Online