#patching — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #patching, aggregated by home.social.
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html
#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html
#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html
#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html
#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not... https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html
#vulnerabilities #Uncategorized #regulation #patching #hacking #laws #LLM #AI
-
https://www.europesays.com/britain/35998/ UK SMEs better at email security than North America #AttackSurfaceManagement #Brokers #BusinessContinuity #BusinessEmailCompromise #Canada #CyberInsurance #CyberResilience #CyberRisk #Cybersecurity #DMARC #EmailSecurity #Infosec #ITGovernance #KYND #Patching #Phishing #Ransomware #RemoteAccess #Risk&Compliance #RiskManagement #SecurityPosture #SmallBusiness(SMB) #SpearPhishing #UK #UnitedKingdom #UnitedKingdom(UK) #UnitedStates(US)
-
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years.
TL;DRcopy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html
-
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years.
TL;DRcopy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html
-
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years.
TL;DRcopy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html
-
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years.
TL;DRcopy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html
-
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years.
TL;DRcopy.fail is a Linux kernel local privilege escala... https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html
-
OpenAI Unveils Daybreak to Automate Vulnerability Detection and Patching
Meet Daybreak, a game-changing cybersecurity tool from OpenAI that supercharges vulnerability detection and patching with cutting-edge AI, helping organizations stay one step ahead of attackers and making the world a safer place. By combining AI intelligence with advanced code analysis, Daybreak…
#VulnerabilityDetection #Patching #ArtificialIntelligence #Cybersecurity #AutomatedThreatResponse
-
OpenAI Unveils Daybreak to Automate Vulnerability Detection and Patching
Meet Daybreak, a game-changing cybersecurity tool from OpenAI that supercharges vulnerability detection and patching with cutting-edge AI, helping organizations stay one step ahead of attackers and making the world a safer place. By combining AI intelligence with advanced code analysis, Daybreak…
#VulnerabilityDetection #Patching #ArtificialIntelligence #Cybersecurity #AutomatedThreatResponse
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Security Tip: Can't patch a production system immediately? Consider virtual patching. 🛡️ By deploying WAF rules, IPS signatures, or runtime protection, you can mitigate specific CVE exploits at the network or host level. This buys your team the time needed to test and deploy official vendor patches without leaving the door wide open. Research the latest vulnerabilities and mitigation strategies at https://cvedatabase.com #InfoSec #CyberSecurity #CVE #Patching
-
Security Tip: Can't patch a production system immediately? Consider virtual patching. 🛡️ By deploying WAF rules, IPS signatures, or runtime protection, you can mitigate specific CVE exploits at the network or host level. This buys your team the time needed to test and deploy official vendor patches without leaving the door wide open. Research the latest vulnerabilities and mitigation strategies at https://cvedatabase.com #InfoSec #CyberSecurity #CVE #Patching
-
Security Tip: The race to patch a critical CVE shouldn't lead to a production outage. 🛡️
Establish a tiered patch management strategy:
1. Monitor: Track new CVEs via https://cvedatabase.com
2. Stage: Deploy patches to a mirror environment first.
3. Verify: Run automated tests to ensure no regressions.
4. Deploy: Roll out to production once validated.A broken system is just as unavailable as one under attack. #InfoSec #CyberSecurity #CVE #Patching
-
Security Tip: The race to patch a critical CVE shouldn't lead to a production outage. 🛡️
Establish a tiered patch management strategy:
1. Monitor: Track new CVEs via https://cvedatabase.com
2. Stage: Deploy patches to a mirror environment first.
3. Verify: Run automated tests to ensure no regressions.
4. Deploy: Roll out to production once validated.A broken system is just as unavailable as one under attack. #InfoSec #CyberSecurity #CVE #Patching
-
Security Tip: The race to patch a critical CVE shouldn't lead to a production outage. 🛡️
Establish a tiered patch management strategy:
1. Monitor: Track new CVEs via https://cvedatabase.com
2. Stage: Deploy patches to a mirror environment first.
3. Verify: Run automated tests to ensure no regressions.
4. Deploy: Roll out to production once validated.A broken system is just as unavailable as one under attack. #InfoSec #CyberSecurity #CVE #Patching
-
https://www.europesays.com/no/229548/ «Patche-vinduet» reduseres til sekunder | Digi.no #Anthropic #BreakingNews #BreakingNews #FeaturedNews #FeaturedNews #hacking #Headlines #Hovedoppslag #kommentar #LatestNews #LatestNews #MainNews #MainNews #Mythos #News #NO #Norge #Norway #Nyheter #Overskrifter #patching #TopStories #TopStories
-
https://www.europesays.com/ie/466632/ Link Audio, now in Max, Pd, VCV Rack, TouchDesigner, oF, and plug-ins, free #AbletonLink #AbletonLinkAudio #APIs #code #Coding #CreativeCoding #developers #Éire #IE #Ireland #Jitter #LinkAudio #Linux #mac #MacOS #Max #Max/MSP #openframeworks #Patching #Pd #PureData #Software #Sync #Technology #touchdesigner #VCVRack #visuals #Windows
-
Patch applies fake diffs from commit messages
https://samizdat.dev/phantom-patch/
#HackerNews #patching #diffs #commitmessages #softwaredevelopment #cybersecurity
-
Patch applies fake diffs from commit messages
https://samizdat.dev/phantom-patch/
#HackerNews #patching #diffs #commitmessages #softwaredevelopment #cybersecurity
-
Patch applies fake diffs from commit messages
https://samizdat.dev/phantom-patch/
#HackerNews #patching #diffs #commitmessages #softwaredevelopment #cybersecurity
-
Patch applies fake diffs from commit messages
https://samizdat.dev/phantom-patch/
#HackerNews #patching #diffs #commitmessages #softwaredevelopment #cybersecurity
-
Patch applies fake diffs from commit messages
https://samizdat.dev/phantom-patch/
#HackerNews #patching #diffs #commitmessages #softwaredevelopment #cybersecurity
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without exp... https://www.schneier.com/blog/archives/2026/04/what-anthropics-mythos-means-for-the-future-of-cybersecurity.html
#vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without exp... https://www.schneier.com/blog/archives/2026/04/what-anthropics-mythos-means-for-the-future-of-cybersecurity.html
#vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without exp... https://www.schneier.com/blog/archives/2026/04/what-anthropics-mythos-means-for-the-future-of-cybersecurity.html
#vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without exp... https://www.schneier.com/blog/archives/2026/04/what-anthropics-mythos-means-for-the-future-of-cybersecurity.html
#vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without exp... https://www.schneier.com/blog/archives/2026/04/what-anthropics-mythos-means-for-the-future-of-cybersecurity.html
#vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
You Can’t Patch People
One of the things I’ve noticed when it comes to IT is how quickly we’re willing to use software to solve people problems. Over my career I’ve seen all manner of crazy solutions to get around people being lazy or uneducated. Remember vMotion? Or OTV for stretched layer 2? Why do you think those solutions came about? I posit that it’s because it’s faster to write software than to patch people.
Hacking Humans
I see this most often in cybersecurity. Developers love to create software solutions that prevent things from happening. Phishing and all its various forms are some of the top priorities for solutions that prevent leaking of information. While we have invested a lot in phishing tests and education it’s also very likely that there are controls in place that prevent users from accidentally giving out information to threat actors.
Why are we so willing to write software to fix problems instead of teaching people to avoid those issues? I think in part it’s because software is predictable. If I create an app or write some controls into a platform it’s going to behave the same way every time. That’s the definition of deterministic. Every time the software is presented with an input it will react the same way. That makes it easy to figure out. People that deal with risk on a daily basis just love predictability.
Humans are messy. We don’t always behave the same way every time. Even someone that knows they shouldn’t click on links in an email will do it because they aren’t paying attention or because they are tired. When you factor in how much better the phishing emails have gotten thanks to the advent of generative AI even the rank-and-file people are getting tricked. Developers would rather deal with software than trying to send more tests and update education resources.
The real issue is that we can’t patch people as easily as we can with software. If updating the filters for spam and phishing and other security related items was as simple as downloading the new attack vectors into someone’s brain we’d be doing that instead. Likewise, if we could just convince people to build things a certain way to avoid having to create complicated systems like FHRP we would be doing that instead of trying to solve for lazy developers.
Treating People Like Programs
Why is it so hard to patch people? Forget about the deterministic part of the equation for a moment. Software isn’t instantly updated when something is discovered. It takes time to develop lists of new vectors or update programs to remove vulnerabilities. Why can’t we do the same for people and reduce the overhead of all the extra software?
People can be “patched” with education. It isn’t always easy to get people to take courses or read the bulletins that are sent out. There are ways to force people to do it but that kind of friction just makes security teams resent users for trying to avoid mandatory training updates. Hence the reliance on software to fix the issues. But it doesn’t have to be like that.
Instead of forcing people to take updated training you could use something like gamification to encourage people to update training or learn about new issues. This is especially good with younger or newer employees that are used to the badge hunt mentality. Giving them the option to display achievements tied to training is a great way to encourage them to keep updated while also pulling others in that want to earn the same recognition.
Tom’s Take
I get the desire to rely on deterministic software rather than dealing with unreliable people. But there is only so much software that you can write to try and fix behaviors. We eventually have to get to a point where we can educate users and encourage them to want to keep up with it instead of forcing them to go through endless modules that don’t give them any real info. If we would just put in a bit of the effort we use on software controls into the people we’re trying to restrict we might find the effort is multiplied far beyond what we could hope for.
#Patching #security -
Has anyone got any recommendations for not super difficult to use / setup / manage linux patching solutions? I was looking at Landscape as most of the servers are Ubuntu but it turns out you need "Call us" pricing with Ubuntu Pro to get more than 10 servers installed (And spoiler, I have more than 10 servers just to run Mastodon stuff!).
-
Has anyone got any recommendations for not super difficult to use / setup / manage linux patching solutions? I was looking at Landscape as most of the servers are Ubuntu but it turns out you need "Call us" pricing with Ubuntu Pro to get more than 10 servers installed (And spoiler, I have more than 10 servers just to run Mastodon stuff!).
-
Has anyone got any recommendations for not super difficult to use / setup / manage linux patching solutions? I was looking at Landscape as most of the servers are Ubuntu but it turns out you need "Call us" pricing with Ubuntu Pro to get more than 10 servers installed (And spoiler, I have more than 10 servers just to run Mastodon stuff!).
-
Has anyone got any recommendations for not super difficult to use / setup / manage linux patching solutions? I was looking at Landscape as most of the servers are Ubuntu but it turns out you need "Call us" pricing with Ubuntu Pro to get more than 10 servers installed (And spoiler, I have more than 10 servers just to run Mastodon stuff!).
-
Has anyone got any recommendations for not super difficult to use / setup / manage linux patching solutions? I was looking at Landscape as most of the servers are Ubuntu but it turns out you need "Call us" pricing with Ubuntu Pro to get more than 10 servers installed (And spoiler, I have more than 10 servers just to run Mastodon stuff!).
-
10 metrics to monitor progress toward cybersecurity goals https://www.admin-magazine.com/News/Top-10-Cybersecurity-Metrics
#security #intrusion #detection #patching #CISO #devices #MTTD #MTTR -
Sewing can be oddly soothing
I spent about an hour this morning trying to avoid jabbing myself with a sharp metal object. The experience was more satisfying than I would have expected–not just because it left me without injury, but because it left me with a inexpertly patched pair of jeans.
I’ve been sewing buttons back in place since I was in high school, that being one of many things my mom taught me to do. It’s not hard, it doesn’t take that long, and even if you need to make this repair away from home, you’ve got decent odds of a hotel room including a mending kit with all the materials needed.
It took me a little while longer to get in the habit of picking up a needle and thread to sew together a tear in a shirt or a pair of pants. That’s not too difficult either, plus you get the satisfaction of restoring an item of clothing to service without having to pay somebody to do it.
Then I devoted part of a Saturday in July to level up my mending game at a free clothing-repair tutorial in Arlington hosted by Art on the Mend (yes, that is me in the picture on the home page), a program founded by cartographer Alison Davis-Holland.
With a small room’s worth of people, I got some hands-on coaching in picking the right kind of fabric to patch an item of clothing, a few different stitching techniques to employ for the work, and how to proceed with it. The “why” of this lesson was just as important: not only because it’s cost-effective to repair something, but because that act of DIY mending personalizes that object.
And it allows you the chance to put some creativity into the required stitching, as Davis-Holland showed with some of her own fine work.
I left the class with a pair of jeans in which a developing rip in the wallet pocket had been sewn up–with a lot of help from the attendee seated next to me–as well as a set of fabric patches to use in other fabric-repair attempts.
Saturday morning was one of them, involving another pair of jeans that needed patching. (I don’t remember Levi’s wearing that badly in my younger days, but maybe I just keep them longer now.) Sewing a patch on fabric that’s begun to fray is more work than re-attaching a button to an intact shirt, especially if you’re not that practiced at this task, and so I had to take my time with it.
But I also found this exercise so oddly soothing that I didn’t mind the minutes going by. Slip the needle and thread through, send it back, through and back, through and back… and the risk of poking yourself with the pointy end forces a level of concentration that my screen time rarely allows.
See also: why I’m so crazy about gardening and cooking, two other hobbies that help me less like a digital man and more like the analog kid I once was.
#ArtOnTheMend #craft #crafty #DIY #fabric #jeans #LeviS #mend #mending #needleAndThread #patch #patching #sewing
-
WSUS shouldn’t be on the open internet. The new RCE shows how a patch system can turn into initial access. Close 8530 and 8531, patch, and hunt for w3wp.exe → cmd.exe → powershell.exe chains. I wrote up a blunt take with an SMB playbook.
#WSUS #WindowsServer #Patching #BlueTeam #Cybersecurity #Infosec #SMB #ZeroTrust #DFIR
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an ... https://www.schneier.com/blog/archives/2026/04/cybersecurity-in-the-age-of-instant-software.html
#computersecurity #vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an ... https://www.schneier.com/blog/archives/2026/04/cybersecurity-in-the-age-of-instant-software.html
#computersecurity #vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an ... https://www.schneier.com/blog/archives/2026/04/cybersecurity-in-the-age-of-instant-software.html
#computersecurity #vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an ... https://www.schneier.com/blog/archives/2026/04/cybersecurity-in-the-age-of-instant-software.html
#computersecurity #vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an ... https://www.schneier.com/blog/archives/2026/04/cybersecurity-in-the-age-of-instant-software.html
#computersecurity #vulnerabilities #Uncategorized #cybersecurity #patching #LLM #AI
