reshared this
Just checking if I use a link here to my own blog if it generates the "more from" bar at the bottom
cogdogblog.com/2019/09/lacktri…
Lacktribution: Be Like Everyone Else
Go ahead, be a copycat. Down at number 111 of the 2019 Top Tool for learning is a site I use often myself for finding images available for reuse, pixabay. The rank is anything I care about. Among t…CogDogBlog
they are on 4.3.4, which isn't the latest but anything in 4.3+ does have this feature.
You need to make sure your blog has the fediverse creator meta data in the header, and also that your profile has the domain marked as being able to generate the link. It also has to be a unique link to the instance (so something from 2019 may already have data) for it to generate the link preview.
@vmstan Thanks much. My WordPress blog with the ActivityPub plugin does add the fediverse creator tag (can see in source) and I added the blog domain to the plugin settings for sites that can generate.
But I think you got it, I picked a really old post, I will try a newer one.
By accident, Trump administration national security leadership includes journalist from The Atlantic in group chat discussing upcoming attack on Houtis in Yemen.
youtu.be/H1eFV_5XTWk?si=hhQkLQ…
Report: Trump admin. officials accidentally text journalist war plans
Atlantic editor Jeffrey Goldberg says officials in the Trump administration accidentally added him to a group text chat about strikes against Houthi rebels i...YouTube
Randahl Fink reshared this.
Democrats in Trump-won districts call on party to rebrand
https://www.npr.org/2025/03/24/nx-s1-5330827/democrats-in-trump-won-districts-call-on-party-to-rebrand?utm_source=flipboard&utm_medium=activitypub
Posted into Politics @politics-npr
Today's OPSEC lesson is this: all of the encryption in the world is not going to save you if you add the editor of The Atlantic to your war-planning Signal group chat.
theatlantic.com/politics/archi…
The Trump Administration Accidentally Texted Me Its War Plans
U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.Jeffrey Goldberg (The Atlantic)
SpaceLifeForm reshared this.
We need to keep the pressure high so our next gov't doesn't cave! #CancelTheF35
Will Canada Cancel Its Order for American F-35 Fighter Jets? (VIDEO) youtu.be/la0tKqpcCTk?si=0X0NO_… #cdnpoli #polcan #Canada #RCAF #defence #defense #military #aviation
Will Canada Cancel Its Order for American F-35 Fighter Jets? | Your Morning
American defence firm Lockheed Martin is now offering to create more jobs for Canadians in response to the Carney government reviewing Ottawa’s contract for ...YouTube
For people who are concerned about crossing the US border, The Verge and Wired both have useful discussion and advice:
theverge.com/policy/634264/cus…
wired.com/2017/02/guide-gettin…
Is it safe to travel with your phone right now?
Customs and Border Protection searches of phones and laptops at airports are on the rise, sometimes leading to deportations. What are your rights? The answer: it depends.Gaby Del Valle (The Verge)
It's a great time for actual criminals to cross the border, odds are better that agents will be occupied harrassing normal visitors.
oh hey, starting next week we'll be hosting a weekly "low-tech lunch" meetup in the MAL Pop-Up space CASE W250.
every Monday from 12-2pm. no stakes, just a friendly space to hang out, build other networks projects, play with tech at human scales, talk about low-tech, minimal & perma-computing, &tc.
join us if you're able!
'Ludwig' captivates with a light-hearted story about a missing identical twin
https://www.npr.org/2025/03/24/nx-s1-5338688/ludwig-captivates-with-a-light-hearted-story-about-a-missing-identical-twin?utm_source=flipboard&utm_medium=activitypub
Posted into Fresh Air @fresh-air-npr
Somebody is claiming to have exfiltrated 6 million lines of data with Oracle Cloud’s SSO and LDAP that includes JKS files, encrypted SSO passwords, key files and enterprise manager JPS keys from servers on login.*.oraclecloud.com
The poster has no prior reputation, it is unclear if they're LARPing. Some of the sample data does align with prior infostealer logs, I'm told. breachforums.st/Thread-SELLING…
Oracle are denying a breach to @BleepingComputer, but the threat actor has provided an archived URL which suggests they somehow uploaded a file to the Oracle Access Manager (SaaS solution) frontend.
web.archive.org/web/2025030116…
Oracle Unconfirmed Data Breach - Rose87168 claims this video was downloaded from Oracle's servers
Source - https://x.com/rose87168/status/1904197798943195277Uploaded by Hudson Rock - https://www.hudsonrock.comYouTube
Hudson Rock are reporting the Oracle Cloud breach claim threat actor has provided 10k records, and they appear genuine according to one of their customers.
linkedin.com/posts/alon-gal-ut…
It’s unclear to me exactly what is happening with this one as the threat actor doesn’t appear to understand basic English grammar.. but there are signs something has happened at Oracle.
Big problem for Oracle as I’m not sure how plausible denials will be when threat actor, who sounds 12, is dumping data online.
Big - I just received 10,000 records from the Oracle breach, given to me… | Alon Gal | 19 comments
Big - I just received 10,000 records from the Oracle breach, given to me by 'rose87168,' and I’m actively working to validate the claims (initial feedback from… | 19 comments on LinkedInAlon Gal (www.linkedin.com)
CloudSEK are doubling down on their Oracle Cloud breach reporting, despite a denial from Oracle: cloudsek.com/blog/part-2-valid…
I am still looking into this and will probably do a blog post this week. The threat actor is still dropping files everywhere and they do tend to point to a security incident at Oracle Cloud.
Part 2: Validating the Breach Oracle Cloud Denied – CloudSEK’s Follow-Up Analysis
On March 21, 2025, CloudSEK’s XVigil platform flagged a significant threat—a threat actor offering 6 million exfiltrated records from Oracle Cloud for sale.Rahul Sasi (CloudSEK)
Bleeping Computer say multiple Oracle customers confirm their customer data has been stolen. Oracle continue to deny there is a problem.
Also, that YouTube video I linked above has two hours of audio of Oracle employees talking. I haven’t transcribed it yet.
Separately, the threat actor has shared what they claim to be current config files from Oracle Cloud servers with a different reporter.
I’m deliberately staying out of this one for now as I’m trying to finish Assassin’s Creed Shadows first.. but I think Oracle may have a pending PR disaster when the TikTok deal is due to complete.
There’s now been a data breach at Oracle Health, which is separate to the ongoing security issue at Oracle Cloud.
Oracle have not commented publicly on the breach, instead telling people to only talk to their CISO by phone, not in writing. They’ve sent out letters without Oracle letterheads, using external lawyers instead.
The behaviour going on at Oracle with cybersecurity is extremely alarming.
reshared this
Going back to the Oracle Cloud security incident, the 2019 video posted by the threat actor: youtu.be/375_G9wAffo
Now has an audio transcription github.com/j-klawson/oracle_br…
(I’ve redacted the root passwords from screenshot)
Oracle Unconfirmed Data Breach - Rose87168 claims this video was downloaded from Oracle's servers
Source - https://x.com/rose87168/status/1904197798943195277Uploaded by Hudson Rock - https://www.hudsonrock.comYouTube
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
Being a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being transparent and open. The moment where this is tested at Oracle has…Kevin Beaumont (DoublePulsar)
reshared this
The wordplay here is Oracle Cloud.
Oracle rebadged old Oracle Cloud services to be Oracle Classic. Oracle Classic has the security incident.
They’re denying it on “Oracle Cloud” by using this scope - but it’s their cloud service.
mhoye reshared this.
Multiple Oracle cloud customers have reached out to me to say Oracle have now confirmed a breach of their services.
They are only doing so verbally, they will not write anything down, so they’re setting up meetings with large customers who query.
A friend of mine has described a Sev0 incident as a Sev1 that escalates from "a major incident or outage" to "a c-level executive's career is on the line".
They're never "declared", you just know they're happening when suddenly process goes out the window, nothing get written down and there are lawyers on every call not because they have anything to say, but so that those calls are now privileged information that can't be subpoenaed or used as evidence.
Oracle Health customers dealing with the breach there of patient PII, if you’ve had a verbal briefing could you please Signal me? GossiTheDog.1337
I’m interested to see if they’ve told you it was in legacy Oracle Classic aka OCI Gen1 environments, like they have with Oracle Cloud customers - I’m trying to line up if the breaches are actually related.
It appears Oracle migrated people off OCI G1 a few years ago, but left the systems on and unpatched with customer data.
Heise has a look at the Oracle security incident. Oracle didn’t return request for comment when asked about Oracle Classic - I understand from multiple large outlets they’ve also declined to comment.
heise.de/en/news/Data-leak-at-…
Data leak at Oracle: Up to 2000 German victims? What is known and what is not
Data from the "Oracle Classic" cloud is for sale on the darknet. Analysts agree: the data is genuine. But some pieces of the puzzle are still missing.Dr. Christopher Kunz (heise online)
When I asked Oracle for comment, a PR person responded and offered a comment on the condition I not attribute it in any way to Oracle. When I said no, the PR person said Oracle was declining to comment.
We have an update. Reuters and Bloomberg confirm my blog, that’s there’s a security incident going on at Oracle cloud. Oracle declined to comment, after lying to @BleepingComputer and other outlets on the record.
CrowdStrike is the IR company.
“Oracle staff acknowledged to some clients this week that an attacker had gotten into a legacy environment, Bloomberg News report said.”
“The company informed customers that the system has not been in use for eight years and that the stolen client credentials therefore pose little risk, the report added. The stolen data included Oracle customer log-in credentials from as recently as 2024, the report said.”
This would be Oracle Classic, aka Gen1. I’ve been told the systems were left online after migration.. unpatched.
Oracle are trying to play legacy angle - but what else was stolen? What else did the attacker do? Why cover up?
Yeah, by legacy system Oracle mean ‘a system we manage housing active customer data’. They’ve also been telling people it isn’t Oracle Cloud.. but it is, and they know it is, they’re just doing customer talking points to wordsmith around it.
infosec.exchange/@Fringedcrow/…
Fringed Crow :battery_ok: (@Fringedcrow@infosec.exchange)
@GossiTheDog@cyberplace.social Legacy system my ass. Wonder if that's why some of my companies data was in there due to a vendor and that data is less than 2 years old.Infosec Exchange
To answer my own question up thread - from talking to people, the Oracle Health breach appears to be unrelated to the Oracle SaaS incident this thread describes.
In both cases they’re being extorted, and in both cases they’re working with the FBI and external incident response.
The Register has a look at the Oracle situation. No new info, as Oracle won’t comment on anything and the info they’ve told customers is extremely light.
theregister.com/2025/04/08/ora…
Oracle says its cloud was in fact compromised
: Reliability, honesty, accuracy. And then there's this lotIain Thomson (The Register)
Oracle have finally issued to a written notification to customers about their cybersecurity incident.
They are again wordsmithing. OCI is a different org unit in Oracle to Oracle Classic - they’re denying a different scope.
How long was the attacker in the SaaS solution (that Oracle manage)? What did they do with the access? How long were they in for? Why were ‘legacy’ systems containing customer info left unmanaged and insecure? Etc.
Really poor response from a SaaS provider.
If anybody is struggling to find the Oracle security incident notification email, search your email server for subject “Oracle customer notification” - if anybody in your org got the email, your Oracle SaaS service is impacted (not that you’d know it from the email). It’s widespread.
Also, although Oracle say “user names” they mean email addresses.
A legal scholar talks about 10 laws he says are 'ruining America'
https://www.npr.org/2025/03/24/nx-s1-5338663/a-legal-scholar-talks-about-that-10-laws-he-says-are-ruining-america?utm_source=flipboard&utm_medium=activitypub
Posted into Fresh Air @fresh-air-npr
:goose_honk: mama & papa Muscovy nesting together again today ❤️❤️
Day 28, as far as I'm aware 🐣🐣
Stay tuned for future updates :goose_honk:
Fantastic info about ducklings
👇👇👇👇
wildthingsfood.co.uk/news/the-…
#Jacksonville #Florida #Nature #Birds #Ducks #MuscovyDucks #AmateurPhotography #Pixelfed #StreetPhotography #UrbanExploration #GalaxyS23+
The secret lives of ducklings | WildThings
Click here to find out all about the secret lives of ducklingsmelanie.smith (Wildthings)
Solder Party
At Solder Party, we work on creating products that are easy to use and help you develop your projects. We’re always focusing on innovating and chasing the next product that can make your ideas become a reality.lectronz.solder.party
The Trump Administration Accidentally Texted Me Its War Plans
U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.Jeffrey Goldberg (The Atlantic)
Locals feel a loss as the U.S. limits Canadian access to cross-border library
https://www.npr.org/2025/03/23/nx-s1-5337411/library-us-canada-border-haskell?utm_source=flipboard&utm_medium=activitypub
Posted into U.S. News @u-s-news-npr
Calling to anyone with nginx proxy experience:
In the Mesa CI, we use a proxy that passes requests from test devices through the gateway they're physically connected to and out to the internet.
The config is here: gitlab.freedesktop.org/mesa/me…
That file includes this other file: gitlab.freedesktop.org/mesa/me…
On the last line of that second file, there is a bug: `$1` needs to be url-encoded, so that any `&foo=bar` argument in the `location:` header gets forwarded. Right now, they are lost.
Please help ❤️
Julian Fietkau (@julian) is coming to #FediForum and wants to talk about:
Academic exchange and collaboration on the fediverse – what’s already working and what’s still missing?
Join us for this discussion and many others on April 1-2, online? More info: fediforum.org
One problem with ActivityPub is that there is not a standard format for errors returned from the API or federation protocol.
I wrote a Fediverse Enhancement Proposal (FEP) to establish a standard set of error messages using RFC 9457, Problem Details for HTTP APIs.
It'd be great to get some review here:
codeberg.org/fediverse/fep/src…
Comments and suggestions here (or just reply):
..
reshared this
Why is no one talking about a Swiss or Norway-type association? #CanadaEUSingleMarket
Could Canada Join the EU? (VIDEO) youtu.be/kV9OfUGiExQ?si=rYG28-… #cdnpoli #polcan #eupoli
Could Canada Join the EU?
Sign up to Brilliant for free and you’ll also get 20% off an annual premium subscription: https://brilliant.org/tldr/As tensions rise between Canada and the ...YouTube
Once, the ghost of a scorned woman summoned a storm against her unfaithful lover on his wedding day.
#MythologyMonday #Germany #folktale #folklore #ghost #ghoststory
patreon.com/posts/ghost-storie…
24 March 1895 | A Pole, Franciszek Wrona, was born in Raszków. A farmer.
In #Auschwitz from 16 December 1942.
No. 83896
He perished in the camp on 18 March 1943.
Seven Arrested For Nazi Salutes At France V Croatia Match
https://www.barrons.com/news/seven-arrested-for-nazi-salutes-at-france-v-croatia-match-aa22b685?utm_source=flipboard&utm_medium=activitypub
Posted into afp news @afp-news-Barrons
Seven Arrested For Nazi Salutes At France V Croatia Match
French police arrested seven people for making Nazi salutes during the Nations League match between France and Croatia at the Stade de France on Sunday, the Paris police chief said.Barrons
Podcast Episode Rerelease: Dr. Seuss Warned Us
This episode was first released on May 2, 2023.We’re excited to announce that we’re working on a new season of How to Fix the Internet, coming in the next few months! But today we want to lift up an earlier episode that has particular significance ri…Electronic Frontier Foundation
Update: I'm no longer completely fine - if you want to donate to me, feel free (but not pressured.
Please look at all the urgent #MutualAid-Posts as well.
I have some additional monthly expenses for all the #SafeguardingResearch & #WhiteHouseWash, if you want to chip in:
liberapay.com/lavaeolus/donate
ko-fi.com/lavaeolus
It's $45/month right now:
- $45 for @Pikapods (change-tracker and web-archiving
- the forum got moved to pro-bono safeguarding-research.discours…
Buy Henrik Schönemann a Coffee. ko-fi.com/lavaeolus
Become a supporter of Henrik Schönemann today! ❤️ Ko-fi lets you support the creators you love.Ko-fi
I'm disabled & queer, living in extreme poverty. I'm in URGENT need of food, hygiene, medication, clothing, etc. Disability benefits aren't enough for survival or comfort.
Donate: ko-fi.com/qpthepurplesnep
Wish List: amazon.ca/hz/wishlist/ls/2H98Z…
#MutualAid #Help #DisabilityCrowdfund
Support QuyetPawz ❤️. ko-fi.com/qpthepurplesnep
Support QuyetPawz On Ko-fi. Ko-fi lets you support the people and causes you love with small donationsKo-fi
Robee? Na! 🌈
in reply to concretedog • • •concretedog
in reply to Robee? Na! 🌈 • • •Robee? Na! 🌈
in reply to concretedog • • •concretedog
in reply to Robee? Na! 🌈 • • •kianryan ☑️🐙🏳️🌈
in reply to Robee? Na! 🌈 • • •I replaced the heatbreak very quickly after acquiring it with the bondtech and never suffered that problem. I was very grateful for that.
@concretedog @FreeCAD
Robee? Na! 🌈
in reply to kianryan ☑️🐙🏳️🌈 • • •