Will Dormann

@wdormann@infosec.exchange
3.7K Followers
525 Following
2K Posts
I play with vulnerabilities and exploits.
I used to be https://twitter.com/wdormann but Twitter has become unbearable, so here I am.

Video Hegseth had commercial internet ‘dirty line’ in his office for Signal app: Sources
https://abcnews.go.com/Politics/video/hegseth-commercial-internet-dirty-line-office-signal-app-121138033?utm_source=flipboard&utm_medium=activitypub

Posted into News @news-abc

Defense Sec. Pete Hegseth used the Signal app on a personal computer in his office that was connected to the internet on an unsecured commercial line, sources told ABC News.

ABC News

Almost ready to enter the real world!

The fact that indoor-started plants need to gradually get adjusted to sunlight or they'll get sunburn is... surprising to me. Isn't sunlight what plants crave?

I'll get over it...

Oh, what's that?
'NICIPConfigUpdateDeployment-1745511600265' is not valid?

Oh, let me put my Azure translation hat on. Ok, got it:

You have exceeded your limit of 10 publicly available IP addresses. Please first Disassociate the IP address and then delete it. Otherwise you will get another error message.

Boy, this hat is useful.
Just kidding. There's no such hat.
You need to trudge through things until you brute-force figure things out.

Time to go touch grass...

What's that?

The "Most used by Azure users" VM type that I picked isn't available?

You know what, instead of Go Fish, maybe tell me what I can use?

Edit: Azure Spot pricing apparently isn't a thing. No matter which Size + Region combination you choose, you'll get an error that says that the combo isn't available where you want it. 🤦‍♂️

What's that? I need to remove the number of data disks in my VM? Maybe tell me how to do this?

Ohhhh... You've selected an Azure VM image that requires more than 4 disks, and the VM type currently selected has only 4 disks? I'm no UI/UX expert, but maybe just TELL ME THIS?

If you create an ARM VM in Azure, beware that your "Recently used size" will be ARM, and as such you will not be able to create any preconfigured x64 VMs.

Because of course if your "Recently used size" is ARM, Microsoft will disable the ability to pick an x64 size. 🤦‍♂️

Yes, I had to create a sacrificial x64 VM in Azure to work around this. Once my recently used size was x64, I was able to pick any size that I wanted.

Well what do you know? Cisco actually is impacted by this and is finally putting out an advisory for it.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy

Don't worry about rushing to patch though. Those aren't coming until next month.

Impacted products:

ConfD, ConfD Basic, Network Services Orchestrator (NSO)

Still under investigation:

Network Management and Provisioning

  • Cyber Vision
  • Smart PHY
  • Virtual Topology System (VTS)
  • Virtualized Infrastructure Manager
  • WAE Automation

Routing and Switching - Enterprise and Service Provider

  • ASR 5000 Series Routers (StarOS)
  • Catalyst Center, formerly DNA Center
  • Intelligent Node Software
  • Ultra Cloud Core - Policy Control Function
  • Ultra Cloud Core - Subscriber Microservices Infrastructure

Routing and Switching - Small Business

  • Small Business RV Series Routers

Video, Streaming, TelePresence, and Transcoding Devices

  • Expressway and TelePresence Video Communication Server (VCS)

Cisco Security Advisory: Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025

On April 16, 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution (RCE) on an affected device. The vulnerability is due to a flaw in the handling of SSH messages during the authentication phase. For a description of this vulnerability, see the Erlang announcement. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy

Cisco
To those with a passport:
Put its expiration date as a reminder (with ample lead time) on your electronic calendar right now, if it's not there already.
Security Update Guide - Microsoft Security Response Center

Since the update to patch April's CVE-2025-22457 was included in February's ICS updates (it didn't get CVE attention at that time as presumably Ivanti didn't recognize that stack buffer overflows are exploitable), the Ivanti Advisory indicated that the fix for CVE-2025-22457 could be downloaded from the Download Portal.

Because we are curious people, we read what vendors say. A few things jump out at me:

1) Despite there being existing CPEs for Ivanti Policy Secure (cpe:2.3:a:ivanti:policy_secure:...) and ZTA Gateways (cpe:2.3:a:ivanti:neurons_for_zero-trust_access:...), Ivanti chose neither CPE in their advisory. I cannot fathom why.

Sub-wonder: For people using CPE in the real world, how do you know what CPE to use? I had to use ChatGPT to find the latter of the above, which seems... neither practical nor scalable? I'll admit that I know next to nothing about CPE other than inconsistently seeing them in CVE entries.

2) The patch availability for ZTA Gateways was April 19 and "will be automatically applied", and the availability for Ivanti Policy Secure is today (April 21). Might I conclude from this that all ZTA Gateways systems are protected, since April 19 has already passed? And that Ivanti Policy Secure systems have a patch available right now?
Ivanti hasn't updated their advisory since April 15.

Ivanti Community