Call-On-Doc Now Offering Affordable Compounded Weight Loss Medication

Call-On-Doc launches a new compounded weight loss prescription service, offering affordable alternatives starting at $190/month, making weight loss medication more accessible.




Rainbow Wool – the first fashion statement made from the wool of gay sheep

A sheep farm in North Rhine-Westphalia in Germany produces the first textile made from the wool of gay rams, making a bold fashion statement for the LGBTQIA+ community.




How Shopware takes commerce to the next level

In recent months, the world of ecommerce systems has been shaken up. Despite all the changes currently affecting the industry, Shopware has managed to take a leading role among ecommerce systems with a simple strategy: putting people at the centre. Shopware has a lot to offer in terms of solutions, and a unique project in the industry is currently causing a stir: the video-on-demand service shopware.tv.




Expand Your Mind Launches Ultra-Power Battle Game

The best flippin' game of the year is a collectible token flipping game for ages 5+.




Baskits Inc. Recognized Among Canada's Top Growing Companies by The Globe and Mail for the 3rd Year in a Row

Baskits Inc. has announced its placement in the 2022 Report on Business ranking of Canada's Top Growing Companies for a third consecutive year.




North Kingstown, RI Author Publishes Novel

Youth Grow Up Searching for a Better Life.




Fast-Growing Online Lender Borro Provides No Credit Loans To Consumers Impacted By Recent Economic Turmoil

Borro's team of accredited luxury asset experts and financing specialists tailor loans to meet individual and business needs, making Borro a trusted lender to over 15,000 clients since 2008.




The year of battery cell technology: CUSTOMCELLS expects massive growth in 2022

Itzehoe/Tübingen, March 17, 2022 – With 150 employees, new production lines and innovative technologies for battery cell production, CUSTOMCELLS, one of the leading companies in the development and series production of state-of-the-art lithium-ion battery cells, is pushing ahead at full speed with its plans for growth in 2022.




Free digital business consulting: consultingcheck.com available now

www.consultingcheck.com is now available for all English-speaking business managers. The innovative and web-based digital service supports specialists and managers of all kinds of business groups.




10 years of CUSTOMCELLS: Battery cell specialist ready for the next phase of growth

More than 150 employees, locations in Itzehoe and Tübingen, strong partnerships, and a sustainable footprint as a developer and manufacturer along the entire value chain: That is the record CUSTOMCELLS has built in the ten years since the company was founded.




STIHL plans additional growth despite challenging fiscal year

  • Entry into EC motor manufacturing
  • Further growth in battery segment
  • Variety of new battery-operated products for professional and home users




How the documenta invented the "Zero Hour" in art after 1945

"documenta. Politics and Art", from 18 June 2021 to 9 January 2022. The documenta owes its rise to become the most successful German art exhibition not least to its political dimension: its disassociation from National Socialism and the bloc building of the Cold War.




Debra Drexler, Renowned Curator & UH Art Professor, Commends Danielle Nelisse's 'Jungle Garden' at Hui No' Eau Gallery

Discover the profound artistic expression in Danielle Nelisse's "Jungle Garden," lauded by esteemed curator Debra Drexler and University of Hawaii Art Professor, embodying hope, resilience, and nature's renewal after the Maui fires. Immerse yourself in this vibrant exhibition at Hui No' Eau Art Gallery, where Nelisse's oil painting and others represent a symbol of nature's power against the backdrop of Maui's lush landscape.




Smithtown, NY Author Publishes Fiction Novel

Who Will Be By His Side While He Tries To Help Himself




Morristown, NJ Author Publishes Spiritual Mathematical Discussion

What Do We Know That Can Help Us Understand Our Reality




Levittown, PA Author Publishes Children's Book

What Will Happen If We Don't Take Care Of The World Around Us




World Class AI Management Tool Updated by Corner Bowl Software

Corner Bowl Server Management tool is the Industry Standard for AI driven KPI reporting, monitoring, and compliance management.




How to protect your data (from us)

You should read the following information carefully, then completely destroy the computer you are reading it on.



OpenBSD now enforcing no invalid NUL characters in shell scripts

Our favorite operating system is changing its default shell (ksh) to reject invalid NUL characters in input that will be parsed as part of a script.

The commit message reads,

List:       openbsd-cvs
Subject:    CVS: cvs.openbsd.org: src
From:       Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date:       2024-09-23 21:18:33

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2024/09/23 15:18:33

Modified files:
	bin/ksh        : shf.c 

Log message:
If during parsing lines in the script, ksh finds a NUL byte on the
line, it should abort ("syntax error: NUL byte unexpected").  There
appears to be one piece of software which is misinterpreting guidance
of this, and trying to depend upon embedded NUL.  During research,
every shell we tested has one or more cases where a NUL byte in the
input or inside variable contents will create divergent behaviour from
other shells.  (ie. gets converted to a space, is silently skipped, or
aborts script parsing or later execution).  All the shells are written
in C, and majority of them use C strings for everything, which means
they cannot embed a NUL, so this is not surprising.  It is quite
unbelievable there are people trying to rewrite history on a lark, and
expecting the world to follow alone.





OpenBSD -current is now "7.6-current"

Theo de Raadt (deraadt@) updated the version of OpenBSD -current to "7.6-current".

Those running the latest-and-greatest [via a sufficiently new snapshot or built from source] no longer need to use "-D snap" with pkg_add(1) (and pkg_info(1)).




Eisenhower Warned: "public policy could itself become the captive of a scientific-technological elite"

President Eisenhower famously warned America about the risk of the military-industrial complex, but he also foresaw the risk that public policy would be captured by a scientific-technological elite.

Today, the solitary inventor, tinkering in his shop, has been overshadowed by task forces of scientists in laboratories and testing fields. In the same fashion, the free university, historically the fountainhead of free ideas and scientific discovery, has experienced a revolution in the conduct of research. Partly because of the huge costs involved, a government contract becomes virtually a substitute for intellectual curiosity. For every old blackboard there are now hundreds of new electronic computers.

The prospect of domination of the nation's scholars by Federal employment, project allocations, and the power of money is ever present and is gravely to be regarded.

Yet, in holding scientific research and discovery in respect, as we should, we must also be alert to the equal and opposite danger that public policy could itself become the captive of a scientific-technological elite.

(HT: American Experiment and Victory Girls.)




"There are already thousands of people alive, right now, in Texas who would have been aborted."

Ross Douthat says that this fact is the heart of the abortion issue, and I agree. Our tolerance, acceptance, and promotion of at-will abortion is a shame and humiliation for our generation and civilization. Our descendants will look back on this era with horror and disgust, much like we view slavery and the Holocaust. They will ask, how could any people kill a million of their own children every year? How did they talk themselves into accepting the slaughter of the weakest and most vulnerable among them? How did they dehumanize the unborn, to be exterminated like insect infestations?

As is often the case, the solution to abortion -- and the general mistreatment of children and other vulnerable people -- won't be found in laws or courts. The solution is for each of us to honor the divine spark in each other. To recognize that we are each made in God's image, and each uniquely valuable because of that likeness.

Deuteronomy 27:19 -- 'Cursed be anyone who perverts the justice due to the sojourner, the fatherless, and the widow.' And all the people shall say, 'Amen.'

Exodus 22:22 -- You shall not mistreat any widow or fatherless child. If you do mistreat them, and they cry out to me, I will surely hear their cry.

Psalm 68:5 -- Father of the fatherless and protector of widows is God in his holy habitation.




Election Results Should Be Known Within 24 Hours


I don't have a lot to say about the recent midterm election results.

  • I was surprised by how poorly the Republicans did
  • The American right needs to think long and hard about its political positions -- what they are, and how to communicate them to Americans in a persuasive way
  • Candidate quality matters, and Trump has terrible judgement on this
  • It's embarrassing that the results of the election aren't fully known almost a week later.

It seems like elections should be a lot easier. We've made them harder than they need to be.

  • In-person voting on a single day, except for deployed military or invalids.
  • Paper ballots, counted at the precinct. Properly maintain chain-of-custody records for ballots.
  • Show identification to vote.
  • Dip your thumb in purple ink after you've voted.

This isn't rocket science. All the fancy machines and alternate voting methods have made elections too complicated to administer in a transparent and credible manner.




The anti-aircraft units in Ukraine trying to down Russian drones as record numbers hit

Headlights illuminate a group of soldiers smoking and drinking steaming cups of coffee on the side of a road in northeastern Ukraine.




Princess of Wales's annual carol concert to focus on 'how much we need others in difficult times'

The Princess of Wales will host her Christmas carol concert this year, reflecting on "how much we need each other, especially in the most difficult times of our lives".




Band Aid's Do They Know It's Christmas? - 40th anniversary track revealed

An "ultimate" version of Band Aid's famous festive hit Do They Know It's Christmas? is set to be released to mark the song's 40th anniversary, featuring the voices of original singers as well as younger artists.




Train companies to face review over how they prosecute rail fare evasion

Train companies are set to face a review over how they prosecute and enforce rail fare evasion after reports of disproportionate action taken against passengers.




Windows Server 2025 released

Microsoft has confirmed the general availability of Windows Server 2025, which, as a long-term servicing channel (LTSC) release, will be supported for almost ten years.

This article describes some of the newest developments in Windows Server 2025, which boasts advanced features that improve security, performance, and flexibility. With faster storage options and the ability to integrate with hybrid cloud environments, managing your infrastructure is now more streamlined. Windows Server 2025 builds on the strong foundation of its predecessor while introducing a range of innovative enhancements to adapt to your needs.

↫ What’s new in Windows Server 2025 article

It should come as no surprise that Windows Server 2025 comes loaded with a ton of new features and improvements. I already covered some of those, such as DTrace by default, NVMe and storage improvements, hotpatching, and more. Other new features we haven’t discussed yet are a massive list of changes and improvements to Active Directory, a feature-on-demand feature for Azure Arc, support for Bluetooth keyboards, mice, and other peripherals, and tons of Hyper-V improvements. SMB is also seeing so many improvements it’s hard to pick just a few to highlight, and software-defined networking is also touted as a major aspect of Server 2025. With SDN you can separate the network control plane from the data plane, giving administrators more flexibility in managing their network.

I can just keep going listing all of the changes, but you get the idea – there’s a lot here. You can try Windows Server 2025 for free for 180 days, as a VM in Azure, a local virtual machine image, or installed locally through an ISO image.




Windows Server IoT 2025 released

Today, Microsoft announced the general availability of Windows Server IoT 2025. This new release includes several improvements, including advanced multilayer security, hybrid cloud agility, AI, performance enhancements, and more. Microsoft claims that Windows Server IoT 2025 will be able to handle the most demanding workloads, including AI and machine learning. It now has built-in support for GPU partitioning and the ability to process large datasets across distributed environments. With Live Migration and High Availability, it also offers a high-performance platform for both traditional applications and advanced AI workloads.

↫ Pradeep Viswanathan at Neowin

Windows Server IoT 2025 brings the same benefits, new features, and improvements as the just-released regular Windows Server 2025. I must admit I’m a little unclear as to what Windows Server IoT has to offer over the regular edition, and reading the various Microsoft marketing materials and documents doesn’t really make it any clearer for me either, since I’m not particularly well-versed in all that enterprise networking lingo.




Valve ends Steam’s support for Windows 7 and 8

Steam has finally stopped working on several older Windows operating systems, following a warning from Valve that it planned to drop support earlier this year. With little fanfare, Windows 7 and Windows 8 gaming on Steam is no longer possible following the most recent Steam client update on November 5.

↫ Ben Stockton at PCGamesN

It’s honestly wild that Valve supported Windows 7 and 8 for this long for Steam in the first place. They’ve been out of support for a long time, and at this point in time, less than 0.3% of Steam users were using Windows 7 or 8. Investing any resources in continuing to support them would be financially irresponsible, while also aiding a tiny bit in allowing people to use such unsupported, insecure systems to this day.

I’m sure at least one of you is still rocking Windows 7 or 8 as your daily driver operating system, so I’m sorry if you don’t want to hear this, but it’s really, really time to move on. Buying a Windows 10 or 11 license on eBay or whatever costs a few euros at most – if you’re not eligible for one of the free upgrade programs Microsoft ran – and especially Windows 10 should run just fine on pretty much anything Windows 7 or 8 runs on. Do note that with Windows 10, though, you’ll be back in the same boat next year.




Fake SMS campaigns distributing the Flubot malware

Using infected phones, criminals send SMS messages stating that action is required, along with a link to a malicious site. If the user agrees to download and install the application, then once it has obtained the necessary permissions it takes control of the device and steals data from the phone.




Fake Facebook login panels

Criminals use several methods to spread the scam and to induce potential victims to provide confidential data associated with Facebook. The hijacked accounts are also used to defraud people in the account's circle of friends of money.




Phishing campaigns exploiting the image of banks

The main goal of this scam is to induce the potential victim to provide the login credentials for their online banking account, in order to then steal the money held there.




Personalized attacks on victims of data leaks

Criminals increasingly personalize their campaigns, tailoring them to potential victims. In this way they want to cause greater alarm, but also to make the attack more realistic. They achieve this by, among other things, addressing the recipient directly by first name.




Phishing campaign exploiting the image of the Ministry of Finance

The CERT Polska team has observed a new variant of the scam in which criminals exploit the image of the Ministry of Finance. The goal of this scam is to induce the potential victim to share their online banking authentication credentials.




Hydra banking trojan on the offensive again – new campaign

Warning: malware from the Hydra family is active again. It targets login credentials for banking applications on Android systems.




New “ad hijacking” advertising campaign via Google Ads.

Warning: fake ads in Google Search are being used to spread malware.




Infostealer malware infections

Criminals try to infect the victim's computer by every possible means. A very common attack vector is mass-sent emails containing malicious attachments that are meant to be opened and run by the victim.




Phishing campaign exploiting the image of Netflix

We warn of a phishing campaign targeting Netflix customers. The criminals' goal is to obtain account access credentials and confidential payment card information.




Spear phishing attacks on employees of Polish companies and public institutions

Spear phishing is a social-engineering scam that uses the pressure of authority and time to get the target to take an action that harms them. The fact that the information needed to carry out the attack is usually publicly available or easy to obtain makes this scam popular among cybercriminals.




Phishing campaigns targeting email services

Phishing remains one of the most common threats to internet users observed by our team. Seemingly harmless emails, often calling for urgent action, can lead to fake sites that harvest data.




Publication of a collection of stolen login credentials - what to do?

This week a large collection of data used for logging in by Polish users was published. As part of this leak, more than a million unique records containing a login and password for various sites were made available. In response, the bodies responsible for cybersecurity in Poland, including CERT Polska, have taken appropriate action to limit the effects of this situation.




Warning List of dangerous websites – draft of a new version of the specification

Our Warning List celebrated its third birthday this year. In that time we have managed to limit the effects of many different phishing campaigns targeting Polish internet users. In response to the changing threat landscape, we have decided to make a few changes to how our list works that will let us protect users better. We invite you to read the proposed changes and share your opinion.




Vulnerability in the WebInterface module of Telwin SCADA software

CERT Polska has discovered a Path Traversal vulnerability (CVE-2023-0956) in the WebInterface module of Telwin SCADA software.




Holiday scam - a new method used by cybercriminals

The holidays are a time of travel, above all for children and teenagers. Away from home it is easy to have a mishap with a phone, such as losing or breaking a smartphone. If a child ends up in such a situation, it is quite likely that they will contact their parents from a different number, and this is exactly what the scam we describe is based on. Be careful and check the sample messages included here, which cybercriminals send in bulk!




Vulnerability in Uptime DC software

A vulnerability allowing privilege escalation (CVE-2023-4997) has been found in the UptimeDC software from ProIntegra S.A.




Vulnerability in SmodBIP software

A CSRF vulnerability (CVE-2023-4837) has been found in the SmodBIP software.




Actively exploited critical vulnerability in CISCO IOS XE software (CVE-2023-20198)

Cisco has published information about the critical vulnerability CVE-2023-20198 in the Web User Interface feature of Cisco IOS XE software. The flaw allows an unauthorized malicious user to create an administrator account from the user interface and take control of the target device.




Vulnerability in Apereo CAS software

A vulnerability allowing multi-factor authentication to be bypassed (CVE-2023-4612) has been found in the Apereo Central Authentication Service software.




Vulnerability in SAS 9.4 software

A Reflected XSS vulnerability (CVE-2023-4932) has been found in the SAS 9.4 software.