
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)

This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies?) We're talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas! It's enough to make you want to chuck your phone in the ocean.





Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective





Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few





Leveraging Wazuh for Zero Trust security

Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after





Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns

The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other





Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 (CVSS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management





CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that





The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses

We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers (CISOs). This gap is driving the rise of the virtual CISO (vCISO) model, offering a cost-effective





Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)?





HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 - AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.x:





Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses "allow attackers to hijack important servers in the





The ROI of Security Investments: How Cybersecurity Leaders Prove It

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.





THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,





AWFUL VERSUS EMPTY

Why is it that in every recent Presidential election I’ve found myself saying, “We’re a nation of (now) some 330 million people, and these are the best two we can pick from to lead us?” In a recent piece, Wall Street Journal defined the choice as Awful versus Empty. (Google will get you there, though […]





Typo in Trump’s Name on Ballot Review Screen Is Not ‘Election Fraud’

A misspelling of former President Donald Trump's name occurred on an optional ballot review screen in Virginia, prompting an unfounded claim on social media of "election fraud." The error was a typo that appeared only on the ballot review screen, not on actual ballots, and would not affect any votes, election officials said.

The post Typo in Trump’s Name on Ballot Review Screen Is Not ‘Election Fraud’ appeared first on FactCheck.org.





Building community offline

I was overwhelmed by the response to my last post, and so grateful for the reminder that there is still connection to be found online, I just need to push through my own self-consciousness to find it. And I have many good models for this behavior, people who are quick with a kind and supportive word, people who do not shy away from nuance.

Today I spent the day offline in the company of people like this, a small group of friends that gathers once a month to share our love of stationery: pens, ink, paper, notebooks, planners, postal mail, and the like. We sit around a big table and journal together while chatting, snacking, and drinking lattes carefully crafted by FunkyPlaid. The middle of the table soon fills with stickers, stamps, inks, and washi tapes that we’ve brought to share with each other.

As I look around the table at these treasured people, I think about how much work goes into building community. Healthy communities take intention, upkeep, energy, and shared values. This gathering happens every month because we invest all of this into making it happen. As hosts, FunkyPlaid and I make sure people feel cared for with food and drink in a clean and welcoming space. As guests, everyone brings what they want to share, and expresses interest in what they are interested in (and refrains from expressing disdain for what they aren’t).

It’s a lot of work, joyful work. And this work results in a day each month to anticipate, and memories to hold close the rest of the month. I hope never to take this community for granted.





Tribal digital sovereignty in today's dystopia











Oct 15 NYC DevOps Meetup: "Introduction to Site Reliability Engineering" by Nathen Harvey

This month's nycdevops meetup speaker is Nathen Harvey of Google, who will give a talk titled "Introduction to Site Reliability Engineering".

The talk starts at 5pm sharp! (NY is in US/Eastern)

Please RSVP! See you there!

https://www.meetup.com/nycdevops/events/272956481/

(This is a virtual meetup. Everyone around the world is invited!)





Updated BP Texas City Animation

This isn't directly sysadmin-related, but it made me think of how a really good outage retrospective can teach others how to prevent problems in the future.

"On the 15th anniversary of the incident, the U.S. Chemical Safety Board is announcing a forthcoming interactive training application based on one of the worst industrial disasters in recent U.S. history--the March 23, 2005, explosion at the BP refinery in Texas City, Texas, which killed 15 workers, injured 180 others, and caused billions of dollars in economic losses. This updated animation will be included in the training, which will focus on OSHA's Process Safety Management standard. Look for it soon at CSB.gov."

Content warning: Death





Princeton researchers find a path toward Hep E treatment by disentangling its knotty structure

The hepatitis E virus protein ORF1 contains a region that scientists have struggled to characterize, making the structure and function of this region the subject of much debate. Now, Princeton scientists show that this region of the protein does not behave as a protease, as has been previously suggested, but instead serves as a molecular scaffold to stabilize the rest of the ORF1 protein.





New map of the universe’s cosmic growth supports Einstein’s theory of gravity

Research by Princeton scholars at the Atacama Cosmology Telescope collaboration has culminated in a significant breakthrough in understanding the evolution of the universe.





Princeton research activity hits new milestone

National survey highlights vibrancy and growth of campus research





Shane Campbell-Staton is showing the world how human activity is shaping evolution right now

The Princeton professor's research follows elephants, wolves and urban lizards. He hosts the new PBS series, "Human Footprint."





Researchers discover an abrupt change in quantum behavior that defies current theories of superconductivity

New paper from Princeton team challenges the conventional wisdom of superconducting quantum transitions.





McCarter Theatre's 'Arts & Ideas' is attracting extraordinary artists to engage with faculty and students

Events this fall include a sold-out conversation with Icelandic-Chinese recording artist Laufey.





Howard Stone named University Professor at Princeton

Stone is a leading engineering scholar and pioneer in fluid dynamics research. University Professor is Princeton’s highest honor for faculty.





Society of Fellows in the Liberal Arts welcomes new scholars

A commitment to the liberal arts is at the core of Princeton University's mission. A new cohort of outstanding postdocs has joined the Society of Fellows for three years of teaching and research.





Endowment continues to provide foundation for Princeton’s groundbreaking research, innovative scholarship and national leadership on college affordability

In the Class of 2028, 71.5% of students qualify for financial aid and 21.7% of the class are lower-income students eligible for federal Pell grants.





Internet researchers reach beyond academia to close major security loophole

Princeton engineers and industry leaders have squelched a threat that had lurked for years in the internet’s encryption system.





Veterans Day observance to be held at the Princeton University Chapel

The 9 a.m. service on Monday, Nov. 11, will also be livestreamed.





Strother named assistant vice president for public safety

Kenneth Strother Jr., director of operations in Princeton University's Department of Public Safety (DPS), has been named assistant vice president for public safety, effective June 1.





Gilbert Harman, ‘a towering figure in American philosophy’ and one of the longest-serving faculty members in the University’s history, dies at 83

Gilbert Harman, the James S. McDonnell Distinguished University Professor of Philosophy, Emeritus, died at his home in Princeton on Nov. 13 after a long illness with Alzheimer’s. He was 83.





Thirteen faculty members transfer to emeritus status

Thirteen Princeton University faculty members were transferred to emeritus status in recent action by the Board of Trustees.





Board approves new faculty appointments

Two full professors and four assistant professors have been newly appointed to the Princeton University faculty.





Board approves 14 new faculty appointments

The Princeton University Board of Trustees has approved the appointment of 14 faculty members, including two full professors, two associate professors and 10 assistant professors.





Board approves 22 new faculty appointments

The Princeton University Board of Trustees has approved the appointment of 22 faculty members, including five full professors, one associate professor and 16 assistant professors.





instant insanity

ⓒ keico has added a photo to the pool:

'roid week 2024, day 1

found old polaroids and i didn't even remember these existed.





University Holiday - Thanksgiving





Community Thanksgiving Service

All are welcome to this treasured annual community gathering, the Interfaith Thanksgiving Worship Service, in the University Chapel. Sponsored by Princeton University’s Office of Religious Life and the Princeton Clergy Association.





Princeton University Concerts presents the Richardson Chamber Players Fall Concert

About the Event Our resident ensemble of Princeton University performance faculty and talented students presents a Sunday-afternoon program of songs with and without words written by female composers on both sides of the Atlantic. Songs for mezzo-soprano and piano by prolific lieder composer Josephine Lang and for mezzo-soprano and mixed chamber ensemble by Dame Ethel Smyth bookend the program, with works for string quartet, solo piano, and flute, viola, and harp, that reference American, Jamaican, and European song and poetry in between. This event is presented by Princeton University Concerts. For a full event listing and tickets, please visit this link.





Princeton University Orchestra

Music of Duke Ellington (The River) and Gustav Mahler (Symphony No. 4). Soprano soloist for Mahler will be Sara Shiff '25.









Faculty Commons Bible Study

All professors, postdocs and staff are invited to this interdenominational Christian Bible study and community. The meeting is available via Zoom also.





Princeton University Concerts presents Isidore String Quartet

About the Event Part of the Princeton University Concerts (PUC) Performances Up Close series, audience is seated onstage alongside the musicians in an hour-long program. Winners of a 2023 Avery Fisher Career Grant and the 14th Banff International String Quartet Competition in 2022, the New York City-based Isidore String Quartet was formed in 2019 with a vision to revisit, rediscover, and reinvigorate the repertory. The young ensemble will do just that when they make their Princeton debuts in a program featuring a recent string quartet by multiple GRAMMY-winner Billy Childs; Henri Dutilleux’s fascinating Ainsi la nuit (“Thus the Night”); and W.A. Mozart’s forward-thinking “Dissonance” quartet. This event is presented by Princeton University Concerts. For a full event listing and tickets, please visit this link.