
Grünenthal and Averitas Pharma announce completion of recruitment for Phase III clinical trial with QUTENZA® in post-surgical neuropathic pain

- The Phase III trial AV001 aims to evaluate QUTENZA® in post-surgical neuropathic pain (PSNP), a debilitating complication of surgery occurring after approximately 10 percent of all surgical procedures[1], thus affecting more than 3 million people with surgical procedures per year in the U.S.[2]





EuroBSDCon 2024 presentations

EuroBSDCon 2024 [in Dublin, Ireland] has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place.

Video of the individual presentations can be expected somewhat later. In the meantime, OpenBSD-related presentations [including those from non-developers] can be found in the recordings of the "Foyer B" streams.

In addition, there was a full day PF tutorial with some updates to the publicly available slides.





LibreSSL 4.0.0 Released

The LibreSSL project, a closely associated subproject of the OpenBSD project, has announced the availability of their new stable release, LibreSSL 4.0.0, which comes with a number of improvements and a sprinkling of fixes.

The release announcement reads,

Subject:    LibreSSL 4.0.0 Released
From:       Brent Cook <busterb () gmail ! com>

We have released LibreSSL 4.0.0, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. This is the
first stable release for the 4.0.x branch, also available with OpenBSD 7.6

It includes the following change from LibreSSL 3.9.2:

  * Portable changes
    - Added initial Emscripten support in CMake builds.
    - Removed timegm() compatibility layer since all uses were replaced
      with OPENSSL_timegm(). Cleaned up the corresponding test harness.
    - The mips32 platform is no longer actively supported.
    - Fixed Windows support for dates beyond 2038.






Game of Trees 0.104 released

Version 0.104 of Game of Trees has been released (and the port updated).

* got 0.104; 2024-10-22
  see git repository history for per-change authorship information
- gotd.conf: document the macro syntax
- tog: prevent a segfault upon unexpected object type in ref list view
- fix pack file creation in the presence of tagged tag objects
- plugged some memory leaks
- fix a crash when unstaging a file which has been removed from disk
- gotwebd: fix out of bounds access while handling the configuration







Christmas Quiz 2024

The MRC Christmas quiz saga continues






MSXdev24 #14 Kitten2 - The Return

Embark on a rescue mission to free your friend of the clutches of your arch-enemy






Election Results Should Be Known Within 24 Hours


I don't have a lot to say about the recent midterm election results.

  • I was surprised by how poorly the Republicans did
  • The American right needs to think long and hard about its political positions -- what they are, and how to communicate them to Americans in a persuasive way
  • Candidate quality matters, and Trump has terrible judgement on this
  • It's embarrassing that the results of the election aren't fully known almost a week later.

It seems like elections should be a lot easier. We've made them harder than they need to be.

  • In-person voting on a single day, except for deployed military or invalids.
  • Paper ballots, counted at the precinct. Properly maintain chain-of-custody records for ballots.
  • Show identification to vote.
  • Dip your thumb in purple ink after you've voted.

This isn't rocket science. All the fancy machines and alternate voting methods have made elections too complicated to administer in a transparent and credible manner.





Band Aid's Do They Know It's Christmas? - 40th anniversary track revealed

An "ultimate" version of Band Aid's famous festive hit Do They Know It's Christmas? is set to be released to mark the song's 40th anniversary, featuring the voices of original singers as well as younger artists.





Redox runs on RISC-V, boots to GUI login on Raspberry Pi 4

Another month lies behind us, so another monthly update from Redox is upon us. The biggest piece of news this time is undoubtedly that Redox now runs on RISC-V – a major achievement. Andrey Turkin has done extensive work on RISC-V support in the kernel, toolchain and elsewhere. Thanks very much Andrey for the excellent work! Jeremy Soller has incorporated RISC-V support into the toolchain and build process, has begun some refactoring of the kernel and device drivers to better handle all the supported architectures, and has gotten the Orbital Desktop working when running in QEMU.

↫ Ribbon and Ron Williams

That’s not all, though. Redox on the Raspberry Pi 4 boots to the GUI login screen, but needs more work on especially USB support to become a fully usable target. The application store from the COSMIC desktop environment has been ported, and as part of this effort, Redox also adopted FreeDesktop standards to make package installation easier – and it just makes sense to do so, with more and more of COSMIC making its way to Redox. Of course, there’s also a slew of smaller improvements to the kernel, various drivers including the ACPI driver, RedoxFS, Relibc, and a lot more.

The progress Redox is making is astounding, and while that’s partly because it’s easier to make progress when there’s a lot of low-hanging fruit as there inevitably will be in a relatively new operating system, it’s still quite an achievement. I feel very positive about the future of Redox, and I can’t wait until it reaches a point where more general purpose use becomes viable.





iPod fans evade Apple’s DRM to preserve 54 lost clickwheel-era games

Old-school Apple fans probably remember a time, just before the iPhone became a massive gaming platform in its own right, when Apple released a wide range of games designed for late-model clickwheel iPods. While those clickwheel-controlled titles didn’t exactly set the gaming world on fire, they represent an important historical stepping stone in Apple’s long journey through the game industry. Today, though, these clickwheel iPod games are on the verge of becoming lost media—impossible to buy or redownload from iTunes and protected on existing devices by incredibly strong Apple DRM. Now, the classic iPod community is engaged in a quest to preserve these games in a way that will let enthusiasts enjoy these titles on real hardware for years to come.

↫ Kyle Orland at Ars Technica

A nice effort, of course, and I’m glad someone is putting time and energy into preserving these games and making them accessible to a wider audience. As is usual with Apple, these small games were heavily encumbered with DRM, being locked not only to the original iTunes account that bought them, but also to the specific hardware identifier of the iPod they were initially synchronised to using iTunes. A clever way around this DRM exists, and it involves collectors and enthusiasts reauthorising their iTunes accounts to the same iTunes installation, and thus adding their respective iPod games to that single iTunes installation. Any other iPods can then be synced to that master account. The iPod Clickwheel Games Preservation Project takes this approach to the next level, by setting up a Windows virtual machine with iTunes installed in it, which can then be shared freely around the web for people to add the games to their collection. This is a rather remarkably clever method of ensuring these games remain accessible, but obviously does require knowledge of setting up Qemu and USB passthrough.
I personally never owned an iPod – I was a MiniDisc fanatic until my Android phone took over the role of music player – so I also had no clue these games even existed. I assume most of them weren’t exactly great to control with the limited input method of the iPod, but that doesn’t mean there won’t be huge numbers of people who have fond memories of playing these games when they were younger – and thus, they are worth preserving. We can only hope that one day, someone will create a virtual machine that can run the actual iPod operating system, called Pixo OS.





QNX becomes free for non-commercial use, releases Raspberry Pi 4 image

A long, long time ago, back when running BeOS as my main operating system had finally become impossible, I had a short stint running QNX as my one and only operating system. In 2004, before I joined OSNews and became its managing editor, I also wrote and published an article about QNX on OSNews, which is cringe-inducing to read over two decades later (although I was only 20 when I wrote that – I should be kind to my young self). Sadly, the included screenshots have not survived the several transitions OSNews has gone through since 2004. Anyway, back in those days, it was entirely possible to use QNX as a general purpose desktop operating system, mostly because of two things. First, the incredible Photon MicroGUI, an excellent and unique graphical environment that was a joy to use, and two, because of a small but dedicated community of enthusiasts, some of whom were QNX employees, who ported a ton of open source applications, from basic open source tools to behemoths like Thunderbird, the Mozilla Suite, and Firefox, to QNX. It even came with an easy-to-use package manager and associated GUI to install all of these applications without much hassle. Using QNX like this was a joy. It really felt like a tightly controlled, carefully crafted user experience, despite desktop use being so low on the priority list for the company that it might as well have not been on there at all. Not long after, I think a few of the people inside QNX involved with the QNX desktop community left the company, and the entire thing just fizzled out afterwards when the company was acquired by Harman Kardon. Not long after, it became clear the company lost all interest, a feeling only solidified once Blackberry acquired the company. Somewhere in between the company released some of its code under some not-quite-open-source license, accompanied by a rather lacklustre push to get the community interested again. This, too, fizzled out.
Well, it seems the company is trying to reverse course, and has started courting the enthusiast community once again. This time, it’s called QNX Everywhere, and it involves making QNX available for non-commercial use for anyone who wants it. No, it’s not open source, and yes, it requires some hoops to jump through still, but it’s better than nothing. In addition, QNX also put a bunch of open source demos, applications, frameworks, and libraries on GitLab. One of the most welcome new efforts is a bootable QNX image for the Raspberry Pi 4 (and only the 4, sadly, which I don’t own). It comes with a basic set of demo applications you can run from the command line, including a graphical web browser, but sadly, it does not seem to come with Photon microGUI or any modern equivalent. I’m guessing Photon hasn’t seen a ton of work since its golden days two decades ago, which might explain why it’s not here. There’s also a list of current open source ports, which includes chunks of toolkits like GTK and Qt, and a whole bunch of other stuff. Honestly, as cool as this is, it seems it’s mostly aimed at embedded developers instead of weird people who want to use QNX as a general purpose operating system, which makes total sense from QNX’ perspective. I hope Photon microGUI will make a return at some point, and it would be awesome – but I expect unlikely – if QNX could be released as open source, so that it would be more likely a community of enthusiasts could spring up around it. For now, without much for a non-developer like me to do with it, it’s not making me run out to buy a Raspberry Pi 4 just yet.




Fake SMS campaigns distributing the Flubot malware

Using infected phones, criminals send SMS messages stating that action is required, together with a link to a malicious site. If the user agrees to download and install the application, then once it has obtained the necessary permissions it takes control of the device and steals data from the phone.




Phishing campaigns abusing the image of banks

The main goal of this scam is to get the potential victim to enter the login credentials for their online banking account, in order to then steal the money held there.




Incident handling statistics for 2021

Year after year, CERT Polska registers a steadily growing number of reports and cybersecurity incidents. In 2021, CERT Polska registered 116,071 reports. From all of these reports our specialists selected 65,586, on the basis of which a total of 29,483 unique cybersecurity incidents were registered.




Evolution of the attack techniques of the UNC1151/Ghostwriter group

Recently we have been observing attacks by the UNC1151/Ghostwriter group that use the Browser in the Browser technique. For more than a year this group has been attacking the mailboxes of Polish citizens. The techniques used change over time, but the theme of the messages, as well as the goal, remains the same.




Scams using QR codes

The goal of this scam is to persuade the victim to pair an application that handles SMS messages with the perpetrator's device by scanning a QR code. The victim's account is then charged, and in some cases there is also an attempt at blackmail.




Critical vulnerability in Fortinet FortiOS SSL-VPN (CVE-2022-42475)

Fortinet has published information about the critical vulnerability CVE-2022-42475, which allows unauthenticated remote code execution in the SSL-VPN module (sslvpnd) of FortiOS. The vulnerability was actively exploited in attacks even before its existence was disclosed.




Personalized attacks on data-leak victims

Criminals increasingly personalize their campaigns, tailoring them to potential victims. In this way they aim to cause greater alarm, but also to make the attack more realistic. They achieve this, among other things, by addressing the recipient directly by first name.




Phishing campaign abusing the image of the Ministry of Finance

The CERT Polska team has observed a new variant of a scam in which criminals use the image of the Ministry of Finance. The goal of this scam is to get the potential victim to share their online banking credentials.




Spear phishing attacks on employees of Polish companies and public institutions

Spear phishing is a social-engineering scam that uses the pressure of authority and time to induce the target to take an action that is to their disadvantage. The fact that the information needed to carry out the attack is usually publicly available or easy to obtain makes this scam popular among cybercriminals.




CERT Polska and SKW warn against the activities of Russian spies

The CERT Polska team and the Military Counterintelligence Service (Służba Kontrwywiadu Wojskowego, SKW) have observed an espionage campaign linked to the activities of Russian special services. The goal of the campaign was the illegal acquisition of information from foreign ministries and diplomatic posts, most of them located in NATO and European Union member states.




The twenty-sixth edition of Secure is behind us

The twenty-sixth edition of Secure is behind us. "Security in times of change" was the theme of the conference that has just ended.




CERT Polska will co-create the CVE vulnerability database

Since the beginning of August, CERT Polska, as the only institution in the country and one of 7 CERTs in Europe, can assign CVE numbers, which are used to identify and catalogue publicly disclosed vulnerabilities.




Holiday scam - a new method used by cybercriminals

The summer holidays are a time of travel, above all for children and teenagers. Away from home, mishaps with a phone, such as losing or breaking a smartphone, are not hard to come by. If a child ends up in such a situation, it is quite likely that they will contact their parents from a different number, and this is exactly what the scam we describe is based on. Be careful and check the included sample messages that cybercriminals send out en masse!




Vulnerability in SAS 9.4 software

A Reflected XSS vulnerability (CVE-2023-4932) has been found in SAS 9.4 software.




Secure 2024 - we know the date!

Secure is a two-day conference devoted to strategic challenges in cyberspace. The event will take place on 16-17 April at the Polish History Museum (Muzeum Historii Polski) in Warsaw. This year's edition is held under the theme "Horyzont cyberwyzwań" ("Horizon of cyber challenges").




Vulnerabilities in Hongdian H8951-4G-ESP router software

10 vulnerabilities of various types (CVE-2023-49253 through CVE-2023-49262) have been found in the Hongdian H8951-4G-ESP router software.




Cybersecurity beyond borders: the FETTA project, or deepening cooperation on cyber threat intelligence in the EU

One of the key challenges for European cybersecurity is the dependence on data originating from countries outside the EU. The FETTA project (Federated European Team for Threat Analysis) aims to address this problem by creating an international team that develops Cyber Threat Intelligence (CTI) products and tools.




Vulnerability in CraftBeerPi 4 software

An Improper Input Validation vulnerability (CVE-2024-3955) has been found in CraftBeerPi 4 software.




Recommendations for strengthening the protection of OT systems

CERT Polska has issued recommendations in connection with an observed increase in the number of attacks on industrial control systems (ICS/OT) that are directly accessible from the internet.




The DNS4EU project – cooperation at the European level

DNS4EU is an element of the cybersecurity strategy published by the European Commission. The goal of the project is to introduce a private and secure public DNS resolver within the European Union, which will contribute to building independence in the area of digital services.




Vulnerabilities in the open-source Phoniebox project

As part of its own research, CERT Polska found 2 vulnerabilities (CVE-2024-3798 and CVE-2024-3799) in the open-source Phoniebox project.




Vulnerability in KAON AR2140 router software

A Command Injection vulnerability (CVE-2024-3659) has been found in KAON AR2140 router software.




CyberParawan 2024 - Summary

In this year's edition of the #CyberParawan series, instead of lying on the beach, we took you on a journey through cybercriminals' summer strategies.





Membership Management Software Market is expected to grow to US$ 8.64 Bn by 2030

(EMAILWIRE.COM, October 23, 2024 ) Membership Management Software Market is expected to reach USD 8.64 billion by 2030, with a CAGR of 4.7% between 2024 and 2030. The membership management software is used to help organizations with work. Most of the administrative duties are expected to be automatized....





Computer Vision in Healthcare Industry Worth $11.5 billion by 2029, with a CAGR of 24.0%

(EMAILWIRE.COM, October 23, 2024) The global Computer Vision in Healthcare market is forecast to grow from USD 3.9 billion in 2024 to USD 11.5 billion by 2029, driven by a CAGR of 24.0%. Market growth is propelled by regulatory initiatives and incentives that promote the adoption of computer...





The Oligonucleotide Synthesis Market is expected to grow to US$ 17.43 Bn by 2030, as per Maximize Market Research.

(EMAILWIRE.COM, October 24, 2024 ) The oligonucleotide synthesis market is experiencing significant growth due to its applications in diagnostics, therapeutics, and research. North America holds the largest market share due to established research infrastructure and strong demand. Asia Pacific...





41. RSD

Bloggerhttp://www.blogger.comhttp://simplyukgadgets.blogspot.com ...





34. There will be a better place for this information (rather than in this ...

Bray Austin acjzi at kforce.com. Mon Apr 9 11:50:06 PDT 2007. Previous message: gingham. Next message: Simplyukgadgets Forums, ...





11. Search4Gadgets

Simply UK Gadgets, Simplyukgadgets Forums. Simplyukgadgets Forums ... photos, internet search engine and free downloads. www.simplyukgadgets.co. uk. ...





40. LISTSERV 15.5 - SFT Archives

Simplyukgadgets All About New Gadgets, Gizmos And Well, Boys Toys. ... Simply UK Gadgets, Simplyukgadgets Forums. htm Such unrealistic expectations ...





14. Google has come up with a solution, a custom search engine ...

water pearls and the the gemstone is fresh viesearch com simplyukgadgets all about new gadgets. Lumber is readily available and it's a replaceable resource ...





47. Gadgets and Gizmos - FeedListing.com

Simply UK Gadgets, Simplyukgadgets Forums. Simplyukgadgets Forums .... MyMo cellphone for kids pulled off the ... www.simplyukgadgets.co.uk ...a ...





41. civil servant proudly - ISP-Europe Archive

Simplyukgadgets Forums, . photos, internet search engine and free downloads. ... Back to Search Results Google Alert results for: simplyukgadgets. ...





40. Gmane -- Mail To News And Back Again

water pearls and the the gemstone is fresh viesearch com simplyukgadgets all about new gadgets. Please sign in to MSN Spaces below with your Microsoft . ...





14. 24. Google Alert results for: simplyukgadgets | RSS ATOM Feeds ...

Google Alert results for: Simply UK Gadgets - boosted by feedcat.net ...





45. mymo

StartTags has retagged these sites with mymo ... Message: Simply UK Gadgets, Simplyukgadgets Forums. HRDP_GROUP: humanresourcedevelopmentprogram(Burma) ...





49. kernel-discuss Archives: This tutorial concludes the Basic Reportingsection.

ricerche inerenti Simply Uk Gadgets: - Regali Tesi - Bomboniera Capodimonte - Portachiavi. ... Sella cio simply uk gadgets . Type as you would on a normal ...