banner
richi.bsky.social
Richi Jennings
@richi.bsky.social
660 followers 1.1K following 280 posts
Foolish #analyst/#editor: #TechstrongGroup #ReversingLabs #OstermanRsch | Links: https://richi.uk
richi.uk
Posts Media Videos Starter Packs
Pinned
richi.bsky.social
Richi Jennings @richi.bsky.social · 14h
#Redis (Remote Dictionary Server) and its open source fork #Valkey share a scary flaw that can give an attacker full RCE. It’s been assigned a max CVSS score of 10.0—you don’t often see that.

#Redis shouldn’t normally be exposed to the internet, but it often is. In #SBBlogwatch, we descend a layer:
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW.
securityboulevard.com
2 2
richi.bsky.social
Richi Jennings @richi.bsky.social · 14h
#Redis (Remote Dictionary Server) and its open source fork #Valkey share a scary flaw that can give an attacker full RCE. It’s been assigned a max CVSS score of 10.0—you don’t often see that.

#Redis shouldn’t normally be exposed to the internet, but it often is. In #SBBlogwatch, we descend a layer:
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW.
securityboulevard.com
2 2
Reposted by Richi Jennings
Sean Michael Kerner @techjournalist.bsky.social · 7d
15 yrs later...OpenStack continues to improve
->Security improvements and confidential computing enhancements are also part of OpenStack 2025.2, known as Flamingo. www.networkworld.com/article/4066... @networkworld.bsky.social
OpenStack Flamingo pays down technical debt as adoption continues to climb
Security improvements and confidential computing enhancements are also part of OpenStack 2025.2, known as Flamingo.
www.networkworld.com
1 3
Reposted by Richi Jennings
sjvn.bsky.social
sjvn @sjvn.bsky.social · 6d
Greg Kroah-Hartman explains the Cyber Resilience Act for open source developers theregister.com/2025/09/30/c... via @theregister.com & @sjvn.bsky.social

Greg K-H explains what #opensource developers need to know about the CRA, but why they don't need to be worried sick about it.
Kroah-Hartman explains Cyber Resilience Act for open source
Opinion: Impact? Nope, don't worry, be happy, says Linux veteran
theregister.com
4 8
Reposted by Richi Jennings
brideoflinux.bsky.social
Christine Hall @brideoflinux.bsky.social · 6d
Just published on FOSS Force: ElementaryOS 8.0.2: Not a Grand Slam, but a Solid Base Hit fossforce.com/2025/10/elem...
ElementaryOS 8.0.2: Not a Grand Slam, but a Solid Base Hit - FOSS Force
Although downloading the distro might feel like a confrontation with an overzealous panhandler, once installed, elementaryOS rewards users with a robust Linux experience.
fossforce.com
1 3
richi.bsky.social
Richi Jennings @richi.bsky.social · 5d
#Japan​’s biggest producer of beer is still not producing any beer this week. #Asahi Group Holdings shut down production Monday after detecting a cyber intruder.

And today it’s confirmed fears of #ransomware. In #SBBlogwatch, we dry out.

securityboulevard.com/2025/10/japa...
Asahi Hack Update: Beer-Free Day #5 Dawns in Japanese Ransomware Crisis
金のうんこ! Breaking: Big beer brewer belatedly believes bitten by ransomware—and likely a data breach.
securityboulevard.com
4 4
Reposted by Richi Jennings
Sean Michael Kerner @techjournalist.bsky.social · 13d
New research released today from Databricks shows how its GEPA (Generative Evolutionary Prompt Adaptation) technique improves prompt optimization by an order of magnitude.

venturebeat.com/ai/the-usd10...
venturebeat.com
4 5
Reposted by Richi Jennings
brideoflinux.bsky.social
Christine Hall @brideoflinux.bsky.social · 9d
Just published on FOSS Force: TuxCare Expands Full Enterprise Support to Include Rocky Linux 9.6 fossforce.com/2025/09/tuxc...
TuxCare Expands Full Enterprise Support to Include Rocky Linux 9.6
TuxCare has added Rocky Linux 9.6 to its 'Enterprise Support' service that had been exclusive to AlmaLinux.
fossforce.com
2 3
Reposted by Richi Jennings
sjvn.bsky.social
sjvn @sjvn.bsky.social · 9d
OpenNvidia could become the #AI generation's WinTel theregister.com/2025/09/29/n... via @theregister.com & @sjvn.bsky.social

I never liked WinTel much, and the OpenAI/Nvidia combo, OpenNvidia, isn't to my taste either.
OpenNvidia could become the AI generation's WinTel
Opinion: Duo could dominate in the same way Microsoft and Intel ruled PCs for decades
theregister.com
1 1 3
richi.bsky.social
Richi Jennings @richi.bsky.social · 9d
The #Akira gang have found a way to override the multifactor authentication in #SonicWall SSL VPN appliances. These scrotes appear to be able to move laterally from the VPN boxes to deploy #ransomware.

It’s worrying that they’ve broken SonicWall’s #2FA. In #SBBlogwatch, we hear customers’ anger:
‘Aggressive’ Akira Ransomware Blitz Clubs SonicWall 2FA to DEATH
Strange factors: Yet another security problem plaguing SonicWall customers.
securityboulevard.com
3 3
Reposted by Richi Jennings
brideoflinux.bsky.social
Christine Hall @brideoflinux.bsky.social · 26d
Just published on FOSS Force: ASF Retires Indigenous Imagery–But Keeps ‘Apache’ Name for Now fossforce.com/2025/09/asf-...
ASF Retires Indigenous Imagery-But Keeps 'Apache' Name for Now - FOSS Force
Stuck between a rock and a hard place, ASF ditches the feather, but keeps the Apache name: not enough for the left, too ‘woke’ for the right?
fossforce.com
2 2
Reposted by Richi Jennings
estherschindler.bsky.social
Esther Schindler @estherschindler.bsky.social · 26d
Detangling SBOM, CVE, and Regulatory Mandates

It is tempting to include #CVE references in an #SBOM because, after all, that is what is in the inventory today — but adding dynamic content makes the entire SBOM dynamic.

www.windriver.com/blog/Detangl...
Detangling SBOM, CVE, and Regulatory Mandates
Software bills of materials (SBOMs) and Common Vulnerabilities and Exposures (CVEs) are not new concepts to software developers, and the two are not inherently related.
www.windriver.com
1 1
Reposted by Richi Jennings
sjvn.bsky.social
sjvn @sjvn.bsky.social · 23d
You can get Nvidia's CUDA on three popular enterprise Linux distros now - why it matters zdnet.com/article/you-... via @zdnet.bsky.social & @sjvn.bsky.social

You can now get the
#NVIDIA CUDA #AI Toolkit packed and ready to go on Rocky Linux, SUSE Linux, and Ubuntu.
You can get Nvidia's CUDA on three popular enterprise Linux distros now - why it matters
The CUDA AI toolkit is being packaged with Rocky Linux, SUSE Linux, and Ubuntu.
zdnet.com
1 2
Reposted by Richi Jennings
estherschindler.bsky.social
Esther Schindler @estherschindler.bsky.social · 23d
If you dispose of your old corporate laptops without making sure – really sure – that their drives are erased, you could be liable for millions of dollars in fines or legal damages if sensitive data falls into the wrong hands. www.theregister.com/2025/09/14/d...
Destroy data on old laptops or face major liability
: Doing a simple system reset may not be enough to save you from fines and lawsuits
www.theregister.com
2 3
Reposted by Richi Jennings
Sean Michael Kerner @techjournalist.bsky.social · 22d
Sure you can do QA for AI code inside of AI tools, but do you trust it? There are a lot of tools for doing AI code review, including CodeRabbit. How do you choose and figure out what's best?
venturebeat.com/ai/with-vibe...
venturebeat.com
2 4
richi.bsky.social
Richi Jennings @richi.bsky.social · 22d
Iconic British brand warns it would stay stalled for longer. Loose confederation of threat actors, now calling itself Scattered Lapsus$ Hunters, claims it hacked the big car firm—via tedious Telegram trolling.

Yes, it’s those Salesforce vish kiddies again. In #SBBlogwatch, we drive the point home.
Jaguar Land Rover Admits to Longer Shutdown as Childish Hackers Troll Carmaker
JLR vs. SLH: Jaguar Land Rover woes worse than previously thought.
securityboulevard.com
1 1
Reposted by Richi Jennings
sjvn.bsky.social
sjvn @sjvn.bsky.social · 28d
Why Techmeme is still every tech pro's go-to news source after 20 years zdnet.com/article/why-... via @zdnet.bsky.social & @sjvn.bsky.social

Techmeme, the old-school tech news aggregator site, turns 20 and looks good for 20 more years.
Why Techmeme is still every tech pro's go-to news source after 20 years
Techmeme began as 'tech.memeorandum' on Sept. 12, 2005. Even AI can't seem to slow it down.
zdnet.com
2 6
Reposted by Richi Jennings
brideoflinux.bsky.social
Christine Hall @brideoflinux.bsky.social · 27d
Just published on FOSS Force: Linux Lite 7.6: Plenty for Windows Refugees, But Too Dumbed Down for Comfort fossforce.com/2025/09/linu...
Linux Lite 7.6: Plenty for Windows Refugees, But Too Dumbed Down for Comfort - FOSS Force
Linux Lite 7.6 might come off as patronizing to new users abandoning Windows 10, and too simplistic for the Linux faithful.
fossforce.com
3 4
richi.bsky.social
Richi Jennings @richi.bsky.social · 27d
U.S. sen #RonWyden demanding #FTC do something about #Microsoft already. Says Satya’s crew to blame for some awful #ransomware attacks, via vuln 10+ years old.

#Kerberoasting exploit affects #ActiveDirectory installs not configured to modern specs. In #SBBlogwatch, we wonder where to point fingers:
Microsoft’s ‘Gross Cybersecurity Negligence Threatens National Security’
Roasting Redmond for Kerberoasting: “Like an arsonist selling firefighting services,” quips this 76-year-old.
securityboulevard.com
3 5
richi.bsky.social
Richi Jennings @richi.bsky.social · 29d
…2:
Rick's whining is because he doesn't understand how ContentID works, apparently. That's not to argue it sucks, but a 5M-sub YT creator will have an account rep who can fix these issues. He chooses not to use that because it's good content.
richi.bsky.social
Richi Jennings @richi.bsky.social · 29d
Yeahno, this isn't the same. This appears to be a bogus DMCA notice, which would be illegal. Nothing to do with Fair Use/Dealing (in fact, not really to do with copyright law).

…cont…
1
Reposted by Richi Jennings
estherschindler.bsky.social
Esther Schindler @estherschindler.bsky.social · Sep 7
Care about the way EVs are made?

Busbars — solid metal conductors — are emerging as the technology of choice for EV charging harnesses and other high-voltage connections within a vehicle.
www.aptiv.com/en/insights/...
Spot Coating Ensures Better Connections — and Saves Costs
While spot coating in general is not a new process in industries such as aerospace, oil and gas, and utilities, the application of spot coating in automotive busbars is an Aptiv innovation.
www.aptiv.com
1 3 6
Reposted by Richi Jennings
sjvn.bsky.social
sjvn @sjvn.bsky.social · Sep 8
This? This is it? Instead of being broken up, Google gets a slap on the wrist. computerworld.com/article/4052... via
@computerworld.com & @sjvn.bsky.social

Going forward, it's business as usual for #Google as the company gets to continue its search monopoly after a slap on the wrist.
Google gets away almost scot-free in US search antitrust case
This? This is it? Instead of being broken up, Google gets a slap on the wrist.
computerworld.com
1 2
Reposted by Richi Jennings
Sean Michael Kerner @techjournalist.bsky.social · 29d
Airflow isn't the only open-source data orchestration platform...Kestra 1.0 just dropped and it's taking a declarative approach at changing enterprise data workflows.

venturebeat.com/data-infrast...
venturebeat.com
3 4
richi.bsky.social
Richi Jennings @richi.bsky.social · 29d
I remember "Maggie" when she was a Microsoft marketroid, 15–20 years ago. I found her decent—in both senses of the word "decent."
1
Reposted by Richi Jennings
brideoflinux.bsky.social
Christine Hall @brideoflinux.bsky.social · Sep 8
Just published on FOSS Force: Margaret Dawson Named CMO at SUSE, Bringing Cloud and Linux Expertise fossforce.com/2025/09/marg...
Margaret Dawson Named CMO at SUSE, Bringing Cloud and Linux Expertise - FOSS Force
With stints at Red Hat, Apptio, and Chronosphere, Margaret Dawson brings plenty of tech cred to her new CMO post at SUSE.
fossforce.com
2 3 5