🇪🇺 | Security | Cloud | Coffee Addict | Views are my own.
Twitter: https://twitter.com/rhe403/
GitHub: https://github.com/rhe403/

📢 Version 1.2.3 of the GHAS Reporting Tool is out - a Python script to fetch GitHub Advanced Security alerts.

Bug Fixes

- Update requirements.txt to resolve vulnerabilities in script dependencies

#GitHub #NewRelease #GHAS #AppSec #InfoSec

https://github.com/rhe8502/ghas_report/releases/tag/v1.2.3

It is with great regret that we mark the passing of programming language pioneer and A.M. Turing Laureate Niklaus Wirth, who passed away on Jan 1, 2024. Wirth created the Euler and PL360 languages. Working with Tony Hoare, Wirth used Euler as the basis of Algol-W which then became the basis for Pascal, which provided a foundation for future computer languages, systems, and architectural research for years to come. https://bit.ly/3jsDb6y
Niklaus E. Wirth - A.M. Turing Award Laureate

A lot of interesting stats about CVEs in 2023

Among others:

- Almost 29,000 CVEs registered, over 15% increase vs 2022
- 36 CVEs scored a “perfect” 10.0 CVSS score.
- The lowest published CVSS score was 1.8
- On average, 79.18 CVEs were published each day.
- 22.3% of all CVEs were published on Tuesdays.

https://jerrygamblin.com/2024/01/03/2023-cve-data-review/

Also around 4,200 CVEs with CVSS score 9.8 https://www.cvedetails.com/vulnerability-search.php?f=1&vaendor=&product=&cweid=&cvssscoremin=9.8&cvssscoremax=9.8&publishdatestart=2023-01-01&publishdateend=2023-12-31&updatedatestart=&updatedateend=&cisaaddstart=&cisaaddend=&cisaduestart=&cisadueend=&page=1

#infosec

Private Eye has a special report (free PDF) on the U.K. Post Office IT scandal that resulted in the wrongful convictions of hundreds of sub-postmasters accused of stealing money.

What actually transpired was that bugs in the outsourced IT system resulted in money appearing as if it was missing. A huge, if not one of the biggest, miscarriages of justice in recent U.K. history.

How the Post Office wrecked the lives of its own workers.

https://www.private-eye.co.uk/special-reports/justice-lost-in-the-post

Special Report: Justice Lost In The Post

CONCEIVED in 1996 as one of the first private finance initiative (PFI) contracts, between the Post Office and the Benefits Agency on the one hand and computer company ICL on the other, the Horizon IT system had an unpromising start. It had been set up to create a swipe card system for payment of pensions and benefits from Post Office branch counters. But, as with most mega-IT projects of the time, it soon fell victim to over-ambition, management consultancy snake oil and the inability of a PFI contract to deliver a complex public service.

KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

And a big thanks to everyone following my work from here!

https://krebsonsecurity.com/2023/12/happy-14th-birthday-krebsonsecurity/

Happy 14th Birthday, KrebsOnSecurity! – Krebs on Security

The World Depends on 60-Year-Old Code No One Knows Anymore | PCMag

https://www.pcmag.com/articles/ibms-plan-to-update-cobol-with-watson

Humble beginnings (2009)
I neglected to post about this when it happened, but just about a month ago I took a trek down to the Bay Area to pick up a very rare system -- a DEC PDP-15 minicomputer. The PDP-15 was introduced in 1970 and is the last of DEC's 18-bit line (which started with the PDP-1). The last few weeks I've spent restoring the main power supply and this past weekend was the first power-up. I'm keeping a journal of the restoration here: https://wiki.unix-haters.org/doku.php?id=dec:pdp-15
dec:pdp-15 [The UNIX-HATERS Wiki]

Doom was released 30 years ago today, on December 10th, 1993.

#Doom #DOS #DOSGaming #RetroGaming #RetroComputing

It’s hard not to say “AI” when everybody else does too, but technically calling it AI is buying into the marketing. There is no intelligence there, and it’s not going to become sentient. It’s just statistics, and the danger they pose is primarily through the false sense of skill or fitness for purpose that people ascribe to them.