Public
- Public
- Groups
- Popular
- People

Notices by GeniusMusing (geniusmusing@nu.federati.net)

GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 05-Dec-2020 04:37:36 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
@lnxw48a1 I made it a little farther than "blockchain"...

In conversation about 4 hours ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 05-Dec-2020 01:17:33 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
@lnxw48a1 The 5 9's created a big discussion at $EMPLOYER as to what downtime actually mean. Was it any time the server(s) couldn't be reached? Was it only during working hours? Did weekend updates/upgrades count as downtime? If the internet was down did that count as server downtime as it couldn't be reached in a different location?

In the end it was decided to not ask IT for metrics about uptime as they couldn't agree on a definition. It was 4-5 hours of my life I will never get back.

In conversation about 7 hours ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 05-Dec-2020 01:12:09 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
@lnxw48a1 Ouch!

In conversation about 7 hours ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 02-Dec-2020 20:39:16 UTC GeniusMusing

Malicious npm packages caught installing remote access trojans ZDNet
https://www.zdnet.com/article/malicious-npm-packages-caught-installing-remote-access-trojans/

>The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers of developers working on JavaScript projects.
>techrepublic cheat sheet
>
>The name of the two packages was jdb.js and db-json.js., and both were created by the same author and described themselves as tools to help developers work with JSON files typically generated by database applications.
>
>Both packages were uploaded on the npm package registry last week and were downloaded more than 100 times before their malicious behavior was detected by Sonatype, a company that scans package repositories on a regular basis.
>
>According to Sonatype's Ax Sharma, the two packages contained a malicious script that executed after web developers imported and installed any of the two malicious libraries.
>
>The post-install script performed basic reconnaissance of the infected host and then attempted to download and run a file named patch.exe (VT scan) that later installed njRAT, also known as Bladabindi, a very popular remote access trojan that has been used in espionage and data theft operations since 2015.
>
>To make sure the njRAT download wouldn't have any issues, Sharma said the patch.exe loader also modified the local Windows firewall to add a rule to whitelist its command and control (C&C) server before pinging back its operator and initiating the RAT download.
>
>All of this behavior was contained in the jdb.js package only, while the second package, db-json.js, loaded the first in an attempt to disguise its malicious behavior.
>...
In conversation about 2 days ago from web permalink
Attachments
1. Malicious npm packages caught installing remote access trojans | ZDNet
  
  from https://twitter.com/campuscodi
  
  JavaScript and Node.js developers who installed the jdb.js and db-json.js packages were infected with the njRAT malware.
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 02-Dec-2020 16:02:06 UTC GeniusMusing

Security Vulnerabilities fixed in Thunderbird 78.5.1 — Mozilla
https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/

>CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes
>
>Reporter
> Chiaki Ishikawa
>Impact
> high
>
>Description
>
>When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.
In conversation about 3 days ago from web permalink
Attachments
1. Security Vulnerabilities fixed in Thunderbird 78.5.1
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 02-Dec-2020 01:37:56 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
@lnxw48a1 There was more than one?

In conversation about 3 days ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 02-Dec-2020 01:37:00 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
@lnxw48a1 Been using DDG 95%-98% exclusively for about a year and while I think my "search formula" (search text) might have changed in that time, I rarely have to visit g for a search, maybe images, DDG seems to lack in that area.

In conversation about 3 days ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 01-Dec-2020 19:06:29 UTC GeniusMusing
in reply to
- Nobody [LinuxWalt (@lnxw48a1)]
- mangeurdenuage
@lnxw48a1 @mangeurdenuage
>and this time, with more of a nod toward maintainability.

It first used on November 1, 1963, so it lasted 57 years which is not really that bad given how many hurricanes have passed over it in that time.

Arecibo Observatory Wikipedia
https://en.wikipedia.org/wiki/Arecibo_Observatory

In conversation about 4 days ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 01-Dec-2020 15:24:38 UTC GeniusMusing

Humble Book Bundle: Hacking 101 by No Starch Press pay what you want and help charity
https://www.humblebundle.com/books/hacking-101-no-starch-press-books

>Humble Book Bundle: Hacking 101 by No Starch Press
>
>We've teamed up with No Starch Press for our newest bundle with a wealth of great ebooks for you to enjoy!! Get ebooks like Metasploit, Web Security for Developers, Real-World Bug Hunting, and Black Hat Go. Plus, your purchase will support the National Coalition Against Censorship and the No Starch Press Foundation!

>$655 worth of awesome stuff
>Pay $1 or more
>DRM-free
>Multi-format

In conversation about 4 days ago from web permalink
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 01-Dec-2020 14:42:16 UTC GeniusMusing

Arecibo Observatory in Puerto Rico Collapses Weeks After Suffering Major Damage The Weather Channel Articles from The Weather Channel | weather.com
https://weather.com/news/news/2020-12-01-arecibo-observatory-radio-telescope-collapses

>The renowned Arecibo Observatory radio telescope in Puerto Rico, closed because of damage, completely collapsed Tuesday morning.
>
>"Friends, it is with deep regret to inform you that the Arecibo Observatory platform has just collapsed," tweeted Deborah Martorell, a senior meteorologist for WAPA-TV and El Nuevo Dia in San Juan, Puerto Rico.
>
>Martorell, who was at the observatory on Monday, received a call from a scientist at the site Tuesday saying the giant reflector dish and the Gregorian Dome that held instruments above it had both collapsed, El Nuevo Dia reported.
>...
In conversation about 4 days ago from web permalink
Attachments
1. Arecibo Observatory in Puerto Rico Collapses Weeks After Suffering Major Damage | The Weather Channel - Articles from The Weather Channel | weather.com
  
  Two cables snapped on the huge radio telescope in Puerto Rico earlier this year, forcing it to close. - Articles from The Weather Channel | weather.com

Before

User actions

Pacific Northwest

AKA Wile E. Coyote, Inventor, Maker, Programmer, Writer and Super Genius.

Tags

(None)

More details...

Following 18

Followers 38

Groups 4

Statistics

User ID: 16

Member since: 10 Jan 2017

Notices: 1443

Daily average: 1

Feeds

Federati Nu: Federated N-series GNU Social is a social network, courtesy of Federati Networks. It runs on GNU social, version 2.0.0-dev, available under the GNU Affero General Public License.

All Federati Nu: Federated N-series GNU Social content and data are available under the Creative Commons Attribution 3.0 license.

Switch to mobile site layout.