| website | https://malschaertadvies.nl |
Hacker group Cult of the Dead Cow plans to detail P2P protocol Veilid, to encrypt social media and apps, at Def Con next week, its biggest release in 10 years (Joseph Menn/Washington Post)
https://www.washingtonpost.com/technology/2023/08/02/encryption-dead-cow-cult-apps-def-con/
http://www.techmeme.com/230802/p14#a230802p14
BeyondTrust has apparently found and is fixing a CVSS 10.0 flaw that allows an unauthenticated attacker to inject commands that run as the site user.
The notice about this is hidden behind a customer portal (https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0020207), but here's the gist:
DETAILS
Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user.
Resolution
This issue will be fixed in version 23.2.3 and will be available soon. The TRY-21041 patch for 23.2.1 and 23.2.2 is available now from the Check For Updates menu within the /appliance interface, and a copy of the patch has also been attached to this Security Bulletin here.
DISCLAIMER: For cloud customers, please be aware that these sites have already received the patch and they have been applied without any downtime or interruption to services.
We highly recommend taking a backup of the appliance before making any changes. It is a best practice to safeguard data and configuration settings in case any unexpected issues arise during the modification process. By taking a backup, one can easily restore the system to its previous state if needed, ensuring minimal disruption to operations. Please refer to our KBS on Configuring a Backup and Restoring a Backup.
Severity: CVSS 10.0 (Critical)
CVE ID: Pending
Acknowledgements
This vulnerability was discovered internally by BeyondTrust as part of our standard code audits and penetration tests.
This is hilarious: a website that reads tech giants’ terms of service to soothe you to sleep