rip redhat?

https://www.bleepingcomputer.com/news/security/red-hat-confirms-security-incident-after-hackers-claim-github-breach/

If you have any direct connections to #IngramMicro as a vendor, or supply chain partner, might want to check your systems: https://ir.ingrammicro.com/press-releases/detail/945/ingram-micro-issues-statement-regarding-cybersecurity-incident

I heard on a #pod this morning that they claim no customer or other external systems were compromised, and that it seems to be a "vanilla attack" rather than a nation-state (which would have been far worse). Still doesn't hurt to check with your IT teams to see if there are any indirect effects.

#CyberWarefare #Ransomware #Hacking #StayCyberSafe #BeCyberAware

The astronomy world is abuzz with the discovery of a new visitor to the solar system, not an asteroid or comet but an object from interstellar space, similar to ʻOumuamua in 2017.

Its hyberbolic orbit with eccentricity 6 implies it came from and is headed to far beyond the solar system.

The object officially named 3I/ATLAS and C/2025 N1 (aka A11pl3Z) will not pass close to Earth; perihelion will be around Oct 29, just inside the orbit of Mars.

Size: 20 km?

https://minorplanetcenter.net/mpec/K25/K25N12.html
1/n

Did you know babies being born this year (2025) are

Gen BETA

?

So new parents are now Beta Testers.

😳

@r_alb @Em0nM4stodon

@airshipper 😜

Exploit a #zeroday then self-patch the #vulnerability so other hackers can't use the same exploit? AND you maintain #persistence while hiding in plain sight for longer? Damn - that's really fuckin clever.

https://www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days

#CyberWarfare #Hacking #ThreatAssessment #BeCyberSafe #StayCyberAware #F5

As we expand our tech teams, it is VERY important to watch out for scams like what #DPRK is doing right now:
https://www.darkreading.com/cyberattacks-data-breaches/scope-scale-spurious-north-korean-it-workers

#AI #HR #Tech #Hiring #SysAdmin

Here's another victim of #ScatteredSpider https://www.darkreading.com/cyberattacks-data-breaches/qantas-airlines-breached-6m-customers

Just attended a briefing yesterday about this specific topic #ScatteredSpider:
https://www.darkreading.com/cyberattacks-data-breaches/scattered-spider-hacking-spree-airline-sector

"Palo Alto Networks urged organizations in the sector to be "on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," citing evidence of similar attacks.

#Airline #CyberFraud #ThreatAssessment #SocialEngineering #CyberWarfare #BeCyberSafe #StayCyberAware #CriticalInfrastructure

The opening of an American concentration camp

https://steveschmidt.substack.com/p/the-opening-of-an-american-concentration?r=68h2g&triedRedirect=true

#NoConcentrationCamps

I have also heard positive feedback on #OpenWebUI - which brings a #GUI to ollama. Haven't tried it yet (it requires #docker to be setup) but my colleagues in the space are raving about it.

In case anyone wants to run their own #LLM on their personal devices, I can suggest #lmstudio It allows you to download any major model that's out there to your own laptop/desktop, and then you can use it's Graphical Interface to interact with it in a familiar interface environment, as you would #Claude or #ChatGPT or #Gemini. It will also let you know if your device has enough resources (power) to run a specific model variant: https://lmstudio.ai/

For those of you who love the Terminal (aka: Command Line Interface or #CLI), check out https://ollama.com/

For starters, I suggest the #gemma3n model (works great on tablets, laptops, or phones), or #llama3.1 for the most common interactions. While most of us geeks will have very powerful personal systems, or servers in our home racks, most people do not have high-end systems/devices. The gemma3n model is lightweight, very powerful, and a solid general purpose LLM.

What's the benefit of running LLM's locally? #Privacy is a big one (it's running on your local machine, not a cloud server) - so you can ask it questions against sensitive business data, PHI/PII, etc.. You can also run it #offline (no Internet connection required) so if you wanted to #airgap your interactions, or play with it on vacation (on a plane, lost in the back country, etc.), you can absolutely do that - even with the Deepseek model.

I started playing with both LM Studio and ollama myself - been asking models basic questions like "what is the capital of Italy" and also more complex questions like "write me a #powershell script to add users of a specific OU to a number of Security Groups within AD" and so far, it's been very accurate. The PowerShell script llama3.1 provided worked out of the box (after I revised variables to match my environment).

#AIForward #AI #AiResearch #FunWithAI

@troyhunt I have seen your site evangelized all over the place recently, including by myself in my own company trainings lol. You have created an amazing tool. Congrats on the spikes in traffic!

@QasimRashid yet another reason to say "fuck the Gators".

@vlrny I support this activity whole heartedly

How far can a toot travel in the fediverse?

I chatted recently with someone who complained that the fediverse lacked "reach".

So I'm curious: if you are up for it, could you please reply to this toot (which started life on single user instance on a tiny computer in a garage in the United Kingdom) saying which country you are in?

Edit: 12 hours, 74 countries: https://neilzone.co.uk/2025/04/a-toot-travelled-to-fediverse-users-in-53-countries-in-12-hours/

@neil Rocky Mountains US here

#CyberHygiene is an important topic, now more than ever, and even more so as time goes on, especially in the new-world of #AI. So, let's have a quick chat!

I talk about this in my #AwarenessTrainings that I put together for my company. People sometimes have the mistaken notion that they aren't targets for bad actors because they aren't famous and don't have a high net worth, or don't have a high-profile job. But that's simply not the case today. Anyone with any online presence is a potential target to attackers. That means everyone needs to know their cyber hygiene. So what does that look like?

Basic cyber hygiene is essential and easy. Steps include (extra details below):
➡️ Be more stringent about the info you share online 📅
➡️ Review and adjust #privacy settings 🔒
➡️ Use strong and unique #passwords 🗝️
➡️ Enable two-factor #authentication 🗝️
➡️ #Monitor online presence 👀
➡️ Learn about data brokers ⬅️
➡️ Secure all devices 🔐
➡️ Be skeptical of unsolicited requests 😯
➡️ Regularly audit third-party apps with access to your accounts ❗
➡️ Monitor credit reports 💰
➡️ Separate personal and professional identities 👬

I go into A LOT more detail about each point in my recent blog post (TL;DR for :mastodon: lol). Check it out here, and let me know your thoughts or questions!

https://geekofthehouse.blogspot.com/2025/04/a-chat-about-cyberhygiene.html

This is scary. Make sure you get the #IOCs and update your #security platforms to protect against this dangerous #RAT: https://www.cyfirma.com/research/neptune-rat-an-advanced-windows-rat-with-system-destruction-capabilities-and-password-exfiltration-from-270-applications/