Peter
@peterrobards.bsky.social
IT Professional. Entertainer. Filmmaker. Writer.
Thrilled to be able to announce that our #shortfilm "Midnight Snack" has been nominated for Best Haunted Garage Film at #ShockfestAdventure in Las Vegas, NV this November 13th - 14th!

Get your tickets here:
www.shockfestadventure.com
November 5, 2025 at 1:36 AM
Apropos of nothing… This is a really excellent write up on Cell-site simulators/IMSI Catchers (aka stingrays) and how they can be used to “gather the IMSI (and later the identity) of anyone in a specific area.” #TheMoreYouKnow sls.eff.org/technologies...
Cell-Site Simulators/ IMSI Catchers
Cell-site simulators, also known as Stingrays or IMSI catchers, are devices that masquerade as legitimate cell-phone towers, tricking phones within a certain radius into connecting to the device rathe...
sls.eff.org
October 18, 2025 at 2:59 PM
Tonight at Midnight our comedy-horror short film: "Midnight Snack", airs on Chicago's CAN TV 19 (cable channel 19). If you're not in Chicago/don’t have cable then you can still watch via the link below:
cantv.org/watch/stream...
“Midnight Snack” will air on #CANTV all through this Halloween season!
October 3, 2025 at 2:22 AM
It’s movie night! Eagerly awaiting the premiere screening of our new short, "Midnight Snack" at Landmark Century Cinemas in Chicago! @samclocke.bsky.social and the rest of the cast and crew did an incredible job creating this and I’m thrilled to be a part of it! www.youtube.com/watch?v=sg_j...
September 30, 2025 at 2:03 AM
If you’re in Milwaukee, WI today and are a fan of #HorrorFilms, stop by the Milwaukee Horror Con for Block One of their #FilmFestival at 5:15pm to catch our short film: #MidnightSnack (it’s been nominated for an award)! unholy-entertainment.ticketspice.com/milwaukee-ho...
Milwaukee Horror Con - Fall Frightmare
Get tickets online for Milwaukee Horror Con - Fall Frightmare here.
unholy-entertainment.ticketspice.com
September 5, 2025 at 8:55 PM
Security researchers are warning of a possible zero-day vulnerability in TZ and NSa-series SonicWall firewalls with SSLVPN enabled that is being actively exploited to bypass MFA and deploy ransomware. Firmware versions 7.2.0-7015 and earlier appear to be impacted.
www.huntress.com/blog/exploit...
Active Exploitation of SonicWall VPNs | Huntress
A likely zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. Huntress advises disabling the VPN service immediately or severely restricting access...
www.huntress.com
August 5, 2025 at 5:51 PM
Reposted by Peter
A trick I picked up from @k8em0.bsky.social some years ago: Always ask if they have the technical means, such as logs, to detect evidence of exfiltration (and/or exploitation)?

"No evidence" doesn't mean data wasn't taken. It can simply mean that they don't have the ability to check.
Update: DHS spokesperson says “no evidence of data exfiltration at DHS or any of its components at this time.”
July 24, 2025 at 1:32 PM
Reposted by Peter
Great news that Japanese police have put together a free decryptor for the Phobos ransomware (helped no doubt by arrests of suspected members of the gang, and the seizure of its infrastructure)

www.fortra.com/blog/free-de...
Free decryptor for victims of Phobos ransomware released
Police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base.
www.fortra.com
July 24, 2025 at 4:48 PM
Broadcom is warning that a trio of VMware vulnerabilities (tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) are currently being actively exploited in the wild.
March 5, 2025 at 3:06 PM
As an old theatre kid myself, I wholeheartedly approve! 🏅
School play gets canceled for "inappropriate content".

In response students write [REDACTED], their own anti-censorship play skewering the school district, sells out performances, and ultimately takes gold at the Lenaea High School Theatre Festival.

www.kqed.org/arts/1397192...
After Censorship, Santa Rosa Students Write Their Own Play — and Take the Gold | KQED
A state festival awarded top honors to ‘REDACTED,’ which ruthlessly lampooned district officials.
www.kqed.org
February 19, 2025 at 3:55 AM
Officially going to avoid investing in any Zyxel products in the future…
Zyxel has no plans to release patches for two zero-days under attack and is advising customers to replace vulnerable routers. The company says these devices have been “EOL for years” - but the devices are not on Zyxel’s EOL page, and some are still available to buy techcrunch.com/2025/02/05/r...
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers | TechCrunch
The Taiwanese hardware maker says it has no plans to patch the flaws impacting legacy router models
techcrunch.com
February 5, 2025 at 3:08 PM
Chicago folks: I’ve got a show this Saturday, February 1st at 7:30pm CT at The Second City!

Join us for some laughs, maybe a little romance, and the exact amount of rats you’d expect! Grab your tickets now for Date Night with the Rats:

www.secondcity.com/shows/chicag... #comedy #improv #chicago
January 31, 2025 at 5:15 PM
Bookmarking this site for inevitable future use! #techsupport
Are you the "tech person" of the family? 👩‍💻

Now EFF has resources you can share! Send your family and friends to Digital Rights Bytes to get their tech questions answered.
Welcome to Digital Rights Bytes
Digital Rights Bytes
digitalrightsbytes.org
January 31, 2025 at 7:15 AM
Great article highlighting the frustration a lot of IT teams are experiencing right now with A.I.

“Google has made opting in to generative A.I. the default. You have to go the extra mile and wait, sometimes hours, in the support queue to even have the option to opt out.”

slate.com/technology/2...
Google Quietly Installed A.I. to My Workspace. Getting Rid of It Was Creepy.
Opting out should not be a premium feature. It’s a basic right.
slate.com
January 30, 2025 at 3:17 PM
Reposted by Peter
I advise blocking...

"Scans of DeepSeek's infrastructure showed that the company had accidentally left more than a million lines of data available unsecured. Those included digital software keys and chat logs that appeared to capture prompts being sent from users."

www.reuters.com/technology/a...
Sensitive DeepSeek data exposed to web, cyber firm says
New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet.
www.reuters.com
January 30, 2025 at 1:53 PM
Copilot should have been an opt-in feature to begin with, but the fact that Microsoft did not build a way for IT to disable it right “out-of-the-box” is incredibly irresponsible.

Many companies are already blocking AI tools only for them to learn that the call is now coming from inside the house.
After spending more than an hour on the phone with Microsoft Support, I have learned:

1. It is impossible to disable Copilot in OneNote, Excel, PowerPoint, or Windows itself.
2. It will not become possible to do so for another month AT THE EARLIEST.
(1/?)
Anyone know how to disable Copilot in OneNote? There's no tickybox for it in the "Options" page, I already turned off "online experiences" or whatever, and when I tried uninstalling the Copilot app, the only change seems to be that I no longer have an "uninstall" option on the Copilot app.
January 25, 2025 at 5:28 AM
100% this!
A company will spend millions of dollars to insert network IPS rather than implement default deny firewall and scoped IPsec that makes the endpoints entirely immune. You don't even need to patch them, because you cannot talk to them. But it's easier to spend millions than architect. That is the gap.
January 22, 2025 at 3:04 PM
Reposted by Peter
A bug in Cloudflare (and just the nature of how CDNs work) let an attacker learn the broad location of Discord, Signal, Twitter users by just sending them an image, according to a security researcher. It works by checking which data center cached the image www.404media.co/cloudflare-i...
Cloudflare Issue Can Leak Chat App Users' Broad Location
A security researcher made a tool that let them quickly check which of Cloudflare's data centers had cached an image, which allowed them to figure out what city a Discord, Signal, or Twitter/X user mi...
www.404media.co
January 21, 2025 at 2:40 PM
The Chicago Legal Responder Network created a series of short videos (los videos están en español) about what to do if ICE shows up at your house, job, stops you while driving, etc.

Conozca sus derechos. Qué hacer si lo detiene la policía de inmigración.

youtube.com/@chicagolega...
January 21, 2025 at 12:43 AM
If you’re running FortiOS 7.0.0 - 7.0.16 or FortiProxy 7.0.0 - 7.0.19 and 7.2.0 - 7.2.12 you need to upgrade asap! An authentication bypass, tracked as CVE-2024-55591, is being actively exploited in the wild & may allow remote attackers super-admin privileges.
fortiguard.fortinet.com/psirt/FG-IR-...
PSIRT | FortiGuard Labs
fortiguard.fortinet.com
January 15, 2025 at 2:53 PM
Reposted by Peter
The FBI says it has mass-deleted malware planted by the China-backed hacking group known as “Twill Typhoon” from thousands of infected systems across the US techcrunch.com/2025/01/14/d...
DOJ confirms FBI operation that mass-deleted Chinese malware from thousands of US computers | TechCrunch
The FBI says it was authorized to mass-remove “PlugX” malware from more than 4,000 compromised machines in the United States
techcrunch.com
January 14, 2025 at 4:38 PM
Reposted by Peter
We've also included some helpful guidance on what you can do to prevent advertising surveillance, including at the mobile device level.

“If you disable the app tracking, your data has not been shared,” @fs0c131y.com told TechCrunch.

Ad-blockers are your friend!

techcrunch.com/2025/01/13/g...
Data broker Gravy Analytics confirms a data breach after a hacker leaked millions of location records
The company confirmed the breach after a hacker posted millions of location data records online.
techcrunch.com
January 13, 2025 at 12:53 PM
Reposted by Peter
🔥 new blog detailing 0day exploitation of Ivanti appliances as well as some newly observed malware families tracked as PHASEJAM and DRYHOOK. We also detail activity related to the previously observed SPAWN* malware ecosystem tied to China-nexus cluster UNC5337.

cloud.google.com/blog/topics/...
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation | Google Cloud Blog
Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024.
cloud.google.com
January 9, 2025 at 12:42 AM
Reposted by Peter
Cyber journalist friends: when reporting on healthcare industry plans to do nothing on cybersecurity or even to roll back protections, please get them to respond to this type of data point (via @downing.bsky.social) papers.ssrn.com/sol3/papers....
January 8, 2025 at 5:38 PM
Reposted by Peter
US edtech giant PowerSchool says hackers compromised the personal data of students and teachers after breaching its customer support portal. PowerSchool's software is used by over 16,000 customers to support more than 50 million students techcrunch.com/2025/01/08/e...
Edtech giant PowerSchool says hackers accessed personal data of students and teachers | TechCrunch
The Bain Capital-owned edtech giant says hackers accessed its customer support portal using a "compromised credential."
techcrunch.com
January 8, 2025 at 2:20 PM