Science experiments are not considered completely valid unless they can be replicated. Replicating an experiment is pretty much impossible unless you've been steeped in the various factors of scientific theory. And even if you are thoroughly trained in those factors, it's easy to lose track when you're doing a casual experiment at home. That goes double when your aim is to debunk something that you find obviously wrong.

Sage the Bad Naturalist jumped into such a debunking experiment with both feet, and then got entangled in them. She spent an entire year trying to replicate a dubious TikTok, which turned into an embarrassing adventure in how not to do science. But negative results are still results, and the goal of science is always to learn something. She bravely admits all the things she did wrong, because scientists have to have humility to be accepted. What's funniest is how many things went wrong, and how they all piled up to the end. What she ended up with is an amusing and rather charming video on the dangers of throwing your heart (and time) into debunking something you saw on the internet. -via Metafilter

Nightis a sculpture on the tomb of Giuliano de Medici, the Duke of Urbino, in the city of Florence. Michelangelo carved it between 1526 and 1531 and composed these lines to place in the mouth of this personification of the night:

Precious is sleep, better to be of stone,
while the oppression and the shame still last;
not seeing and not hearing, I am blest;
so do not wake me, hush! keep your voice down

In a 2000 letter to the New England Journal of Medicine, James J. Stark and Jonathan Katz Nelson argue that the model that Michelanglo used likely had advanced breast cancer. Her left breast has lumps indicative of a tumor in the nipple or the lymphatics beneath the nipple. As these shapes are not present in the other female breasts that Michelanglo composed, it's likely that this shape reflects, tragically, the model herself.

-via TYWKIWDBI

This is the time of year we think about overindulging on rich and elaborate foods. We also open our doors to family and friends to celebrate winter holidays. That's why you've always wanted to impress them with a delicious home made cheese cake. There are plenty of classic recipes on the internet that involve cream cheese, sugar, eggs, and flavoring, but the process is rather delicate. If you've tried before and had a less-then-perfect result, The Takeout will troubleshoot for you with the 12 most common mistakes in baking cheesecake. If you've never made a cheesecake before, so many possible mistakes may intimidate you. Relax, I've made cheesecake a few times and it's not as difficult as you might be led to believe. Even when it isn't perfect, it's still cheesecake, and that's a wonderful thing.

But if you have perfected the art of baking a cheesecake, you might want to take it up a notch and make Japanese cheesecake, which is the light and airy soufflé version. The Takeout has you covered with instructions for that, too. Now you'll be ready to really impress your holiday guests.   

(Image credit: Alice Wiegand)

Altas Obscura tells us about the S.S. Relief--the formal name for an outhouse that floats in Lake Casitas near Ventura, California. The artificial lake is an important water reservoir for the thirsty people of southern California, so the Casitas Municipal Water District takes its cleanliness very seriously.

The lake is popular among boaters and fishermen. After a few hours out on the water, people need to relieve themselves. They can then paddle up to the S.S. Relief, which is a 2-seater outhouse that floats on the surface of the water. The waste is contained on the barge, so there's no contamination of the lake's purity.

Prolific science fiction author Harlan Ellison wrote two episodes of the TV series The Outer Limits, "Soldier" and "Demon with a Glass Head." They both ran during the show's second season in 1964. In 1984, Ellison heard that James Cameron was working on a film that seemed quite similar to the plot of "Soldier," which you can watch in full. Hemdale Productions wouldn't let him see the script. When he saw The Terminator, Ellison was ready to sue.

The lawsuit never came about, because Hemdale Productions settled the case, for money, screen credit in subsequent releases of the film, and a gag order. To this day, people argue over whether The Terminator was at all plagiarized and if so, how much. Read what Ellison had to say about the case at the time and the reaction from James Cameron at Den of Geek. You've probably already seen The Terminator, and it's up to you to watch The Outer Limits episode if you want to form your own opinion.  

If you had a real working time machine, the temptation to use it as much as you could would be overwhelming, even when it doesn't make sense. Would you get stuck on trying to make everything perfect, just for the excuse to go back and forth? Doc's become a little obsessed, to the point where you might want to take his keys away and make him remain in one timeline for a while. Why make the 1985 Marty always save the day when you could just ask 2015 Marty to do the same? Or maybe even take care of the problem yourself. Maybe this is why Doc eventually decided to stay in the 19th century in the third film. No, right, that was for love. Studio C did a good job of recreating the characters of Back to the Future 2 in order to explore the absurdities of what that kind of power can do to someone.

It all starts with the anything-but-smooth introduction...

If this keep up I'll have no choice but to start calling dogs "goggies."

Vampire bats rely on amino acids from their blood diet to fuel their exercise, scientists discovered after observing the animals on tiny treadmills.

The discovery of an impeccably preserved Celtic burial chamber in southern Germany is a "stroke of luck for archaeology," scientists say.

The clonal quaking aspen known as Pando is between 16,000 and 80,000 years old.

The Leonid meteor shower peaks in North America overnight from Nov. 17 to 18, with fast-moving fireballs possible in US skies.

There is a 50% chance that global warming will consistently exceed 1.5 degrees Celsius in the next six years, according to a new report.

Welcome to the first episode of the Internet Musician Podcast! Show notes for Episode #1: Subscribe to the Internet Musician Podcast with iTunes: The first episode of The Internet Musician Podcast, hosted by indie artist and internet music marketing junkie Brian Hartzog (http://www.brianhartzog.net).  In this introductory episode, Brian introduces himself, his indie music credentials and […]

Show notes for Episode #2: Subscribe to the Internet Musician Podcast with iTunes: In this episode, I present “Music Tools for the Indie Artist”, a topic that I recently presented to a local songwriting group.  Specifically, I present the tools and process I use to capture and preserve those moments of musical inspiration–no matter whether they strike […]

Show notes for Episode #3: Subscribe to the Internet Musician Podcast with iTunes: Also in this episode, I discuss the five things you must believe cultivate your DIY music attitude, including: 1. The business has been lying to you. Major label artists are not getting rich off of record sales. Radio is fake. Don’t belive […]

Show Notes for Episode 4: Subscribe to the Internet Musician Podcast with iTunes: As a musician, you need a good website.  You know that. But you really don’t need to spend years trying to understand the technology. You also don’t want to spend tons of time working on your site without knowing if you’re doing things […]

Show Notes for Episode 6: Following my recent appearance on the Film and TV Music Licensing Panel at the MidAtlantic Music Conference here in Charlotte, NC, I definitely have music licensing on my mind.  It’s always been a passion of mind…one of those areas of music marketing that I’ve researched exhaustively for years.  It’s also […]

Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage. Cybersecurity and IT

Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information. "FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding

As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain.  Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including

Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective

Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher Rick de Jager. RISK:STATION is an "

Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after

Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF)," Cleafy researchers Michele Roviello, Alessandro Strino

The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed

Meta has been fined 21.62 billion won ($15.67 million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The country's Personal Information Protection Commission (PIPC) said Meta gathered information such as

INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure. "Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59

Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 (CVS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management

The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an entity in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka, Japan," ESET said in its APT Activity Report for the period April to

Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN's Q3 2024 report on malware trends, complete with real-world examples. Disabling of Windows Event Logging

Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try to breach your walls. And hackers are always searching for weaknesses, whether it’s a lax password policy or a forgotten backdoor. To build a stronger defense, you must think like a hacker and anticipate their moves. Read on to learn more about hackers'

Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The "intriguing" campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut (LNK) file likely distributed in the form of a ZIP archive via a phishing email. "What makes the CRON#

A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available

We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers (CISOs). This gap is driving the rise of the virtual CISO (vCISO) model, offering a cost-effective