If they're insolvent, depending on who they're using for their infrastructure their systems and services may have literally been turned off on them.

Time to find out how many applications have regexes with a user agent parser with version /d{2} instead of /d+.

I haven't followed exactly where they landed on this but both Firefox and Chrome have been testing user-agent strings with version 100+ for a while, and have (or at least had) a fall back mechanism to present the version as 99.xxx where the xxx contains additional information with the true browser version. There's also a longer term plan to phase out User-Agent headers as they exist now, more details at https://blog.chromium.org/2022/03/chrome-100-beta-reduced-us...

If you're using Kaseya VSA, you should go disable it IMMEDIATELY. This is an active attack.

The end of support dates appeared this weekend. Identical dates announced for Home and Pro edition.

There's actually interesting issues with how property paid for through mortgages are impacted by nuclear regulations. I recall something deep in my mortgage about how (I think) the nuclear regulatory control act placed restrictions on local use vis a vis nuclear energy.

In general the court seems to try to go to the easiest decision point in a case. The copyrightability of an API is less relevant if the user being sued should win regardless because of fair use. This is better than a plurality decision where there's multiple reasonings on API copywrite that make future decisions difficult. Here at least the court gives guidance on how to think about evaluating fair use in this context, which lower courts can apply.

Epic Hosting | Verona, Wisconsin | https://www.epic.com/

I'm a security engineer with Epic's hosting team. We are the hosting side of the largest electronic health record company in the country, and our hosting environment is responsible for approximately 20% of the country's medical activity on a given day. We strive to provide a truly secure healthcare environment, and I'm proud to come here every day for work.

We have openings right now for security engineers (https://epic.avature.net/Careers/FolderDetail/Verona-Wiscons...), network security engineers (https://epic.avature.net/Careers/FolderDetail/Verona-Wiscons...), and security operations center technicians (https://epic.avature.net/Careers/FolderDetail/Verona-Wiscons...).

If you have questions about any of the roles, or interest in applying, reach out to me at poconnel@epic.com.

infoblox is a company that does DNS, DHCP, and IPAM management. I think the big concern there is that it is at least named to look like it is their CTO's files, so who knows what is in there.

The need to use a third party plugin to get any form of cloud sync working for one. Minor weirdness with it scrolling through your secret share structure on the left instead of up and down your passwords if you have accidentally clicked over (a feature that acts more like a bug). The lack of ability (or at least any documentation) on how to use something like Google Authenticator as MFA for the database.

The external sync is a feature for me, not a bug. I can use whatever tool I want to sync between my devices (I use Syncthing) and do not need to trust some company with storing my stuff on their servers and not fiddling with them.

Question for you, what company do you work for? I've really wanted to break into NGO security in particular for a lot of reasons. Spent a lot of years working in NGOs, and now do internal corporate security. Pay's better but it feels different. Could you possibly reach out to me? pdoconnell at gmail

Cool.

We run our own. It's here www.secfirst.org - email me rory@