Maut aur Ghaibat Mein Farq | Younus AlGohar | ALRA TV youtu.be/PRNhy2FMsPA?... via @YouTube #Question #Answer #Session #Topic #Quran #Sunnah #HadithOfTheDay #Hadiths #Sufism #Tasawwuf #Sufis #Important #Discussion #fypシ゚ #viralvídeo #Urdu #Lectures #Speech #Knowledge #Teachings #viralreels #reeks

Take up space. You deserve to be seen & heard. You matter. 💛

#thoughts #bluesky #relationships #topic

#BRiCS is laughing

They managed to crack #MuricunHegemony, #MuricunExceptionalism & the #PetroDollar for the #PetroYuan in one fucking year…
Sadly, I have been warning people but nobody listens to #ThisCanadian or any of the #topic #knowledgeable #Women she cites…

🤷🏻‍♀️

👀 Look at #AQAs #FREE #resources for #GCSE #Maths exam #intervention & preparation.

In the lead up to the first exam, we have short & long versions of #topic tests for #students to improve their confidence & success as part of their #revision

www.aqa.org.uk/all-about-ma...

What's up? #topic

How bad was it this time? New proposal appears for better incident evaluation and reporting – without the inflation. Slide used at my lecture on Operational Energy and Cybersecurity at Baltic Defence College in Tartu, Estonia to an audience of Defence ministry civilians and military participants. The bullet points come from reading official reports (published a month later) on the 29 December 2025 cyber attack on Polish power grid. Making a judgement on an incident takes time and the participation of people closest to what happened. In following the various ICS cyber incidents since 2010 I often asked myself: how significant is this incident for the sector of critical infrastructure in which it occurred? Was it an incident due to some unintentional accident, operator error, equipment fault or was malicious intent involved? Then I try to get a reading on the skill level of the attacker(s) and then think about motive. Was it financial gain, pranksterism, or something more sinister. In addition, I try to place the event in context of the current security environment and estimate what it means for industry. The media (consisting of journalists and non-engineers) is helpful in first bringing the event to our attention. However, it is hard to come to any useful conclusion in the absence of an official report on what, who, where, how and why something happened. I have often asked my engineering colleagues for their take on what happened and any lessons learned. This sharing of views is most helpful but still not enough sometimes to decide on whether this is a one-off incident, not likely to be repeated soon, or whether it is part of a new trend to be concerned about and prepare for. Recently an industry opinion leader who organizes a well-attended annual ICS security conference, announced a new initiative, The OT Incident Impact Score, to try to take away the counterproductive media’s spin on an event[1]. I believe that he and his colleagues participating in the initiative will try to inject some industry savvy evaluation of what happened before the media bubble has a chance to distort and/or amplify the story. Perhaps even help to avoid counterproductive outcomes such as holding unnecessary government hearings. I read Mr. Peterson’s brief announcement and description of the proposal and while he adds a caveat that it is “not a metric for the OT security community”, I see some challenges to overcome for this initiative to be something useful for the community he refers to. First, in my opinion, the brief places a less than favorable characterization on the engineers working hard to keep critical infrastructure up and running by implying that they are the cause (“… from us, the OT security community”) of the less than useful media announcements on incidents. Certainly a better illustrative example could have been chosen than a swimming pool or water tank incident to make the point[2]. Regarding serious ICS incidents, in most cases, the engineers and crews are working hard to address the problem and bring things back to normal. These announcements to the press that are referred to tend to come from members of the C-Suite, government officials, their public relations people or security solution salesmen. Those that are farther from where things happened and likely to be initially less informed about the process affected. That IMO is what is wrong, and what Mr. Peterson’s proposal will try to address. Now for the challenges in implementing this interesting proposal. **Challenge number one** comes from the time frame to provide information to the public “in 12 hours or sooner of the incident being reported”[3]. I believe this exposes a weakness in the value of the scoring provided in such short time. The main issue is that in most announced incidents via the media the first reports tend to be inaccurate. One example is the San Bruno Pipeline Explosion (2010) which news sites for several hours reported the cause to be from a fire, gas station explosion and even a plane crash[4]. Getting the facts about what happened in the first moments after an incident is complicated by many factors of uncertainty from lack of confirmed information, time pressure to announce something, and other “fog of war” type factors. **The next challenge** for scoring is the lack of forensics which requires not only some time but available expertise on-site. A good example of this is the time it took (several months) for operators of that Saudi Arabian refinery during the Triton/Trisis/Hatman incident for them to understand that malicious intent was behind SIS caused unplanned plant shutdowns in the summer of 2017. The operators were initially led to believe that their SIS was ok after diagnostics were performed by the manufacturer after the first shutdown. It was only after the second shutdown and after a consultant from the outside was brought in that they learned of the cyber-attack on their critical safety and control systems. This incident was a topic of great interest at one of the S4 conferences.[5] **Sadly, without forensic investigations and availability of a published report the scoring can be considered as educated opinions or guesses at best**. **The last challenge** insuring that the scoring of an incident is based on objective facts. In lieu of a forensic investigation and publication of an official report the only source of information about an incident that can be reliably trusted while the investigation is underway and while the report is being written is from the engineers who encountered and are addressing what happened. Asking questions to on-site responders shortly after an incident or one that still not under control would be problematic. These responders are likely to be fully engaged in the heat of the moment, under stress, and possibly trying to keep their minds free for what to tell the bosses, media and legal department. **Then there are membership concerns.** The requirements for becoming a member of this scoring group meant to improve evaluation of incidents seem low – “OT professionals who are minimally vetted. (Are they a real person and are they involved in OT”). I suspect that extra vetting points will be automatically added if the candidate has attended the S4 conferences. Otherwise, one has reason to seriously wonder about the worth of the incident scoring. As a former co-chair of ISA 99 Workgroup 16 on Incident Management, we realized the importance of tapping into the knowledge of control system professionals with experience in managing ICS incidents[6]. The best candidates for becoming members of this select group of incident scorers would be people who have an engineering background and direct experience with incident management. Better to get this information from those who were involved in the incident. Their knowledge of the system and what happened to what would surely provide a sounder basis for any judgement about scoring. Alas, for various reasons such as confidentiality issues this kind of information is not likely to be available inside of 12 hours. One word of advice: make sure there is a mix of views. It would not be a good thing if this ended up as a platform for cyber incident skeptics to prosper. While the major incidents that we know of that involve state actors are few, that does not mean the lessons of Stuxnet are not being studied and learned from. IMO the best source for objective judgement on the severity of an incident which can be scored with some confidence are official reports published not hours but months after an investigation. Two most recent examples are several reports and analyses on the Iberian blackout and cyber-attack on the Polish grid in April[7] and December[8] 2025 respectively. After reading these reports that have some input from those who participated in managing the incident are one of the most valuable sources to support one’s judgement in assigning a severity score. The scorers will have to deal with a headline/deadline driven media that may not wait a month before reporting on a story. However, if the media and scorers could wait for more solid information, both would surely provide better information to the public and especially to policy makers. It is too much perhaps to ask that the scoring group perform one more service besides. I would recommend adding some further analysis and provide a heads up for all those “involved with OT”. For example, using the two incidents referred to above. One can say something about whether the incidents involving DER in both cases represent some trend or whether they show similarities and patterns with previous incidents. Perhaps a little added analysis and recommendations based on lessons learned provided by these incidents can also be made by this select group? The risk is that poor information even with this noble initiative will continue to feed poorly informed and incident inflation centric media. My 11-euro cents adjusted for inflation and higher shipping costs. * * * [1] https://www.linkedin.com/pulse/reducing-ot-incident-impact-inflation-dale-peterson-uy3xc/ [2] It is amazing since the publication of the 2023 US Cybersecurity Strategy to see the use of such trivial examples as the use of baby monitors. In this proposal we have swimming pools where many readers are perhaps looking more for something more relevant to a nation’s critical infrastructure. [3] Ibid. [4] Read the NTSB report https://www.ntsb.gov/investigations/accidentreports/reports/par1101.pdf [5] Watch Julian Gutmanis describe his “first responder’ experience at S4 https://www.youtube.com/watch?v=XwSJ8hloGvY [6] Please note my use of the term “ICS” instead of the media friendly “OT”. I never liked the use of the term OT in describing incidents such as Stuxnet or most recently the cyber-attack on RTU’s in Poland on 29 December 2025. ICS, AIS, IACS as is used in ISA/IEC 62443 say more about the environment and the devices concerned than what is more about the control room where processes are mostly watched rather than controlled. [7] Published 28 July 2025 3 months after the incident https://aelec.es/wp-content/uploads/2025/07/20250730_CL_INESCTEC_Blackout_full-report_en.pdf or look at the Spanish operator’s REE report issued over a month later https://d1n1o4zeyfu21r.cloudfront.net/WEB_Incident_%2028A_SpanishPeninsularElectricalSystem_18june25.pdf or watch the NERC briefing on the incident https://www.youtube.com/watch?v=-ZbOnNnl15M [8] Published by CERT Polska on 30 January 2026, one month after the incident https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/ Or look at Drago’s report issued about the same time, https://www.dragos.com/blog/poland-power-grid-attack-electrum-targets-distributed-energy-2025 Post Views: 134

How bad was it this time? New proposal appears for better incident evaluation and reporting – without the inflation. In following the various ICS cyber incidents since 2010 I often asked myself: ...

#General #Topic

Origin | Interest | Match

Ryan Clark blasts ’embarrassing’ Trump White House NFL-style war video Among those who were not happy with President Donald Trump’s NFL-style war video amid the Iran conflict is former Pro Bo...

#Celebrity #NFL #NFL #Stories #Donald #Trump #Ryan #Clark #Serious #Topic

Origin | Interest | Match

Image Source: Lorem Picsum (No alt text - sorry.)

While Donald Duck is pulling, Conor McGregor has already always jumped the step, alongside Carly Simon. #topic

Something I made a while ago in ChatGpt. Debate Theatre, anyone debating any topic and it generates some of the funniest shit I've seen in my life. Enjoy.
#chatgpt #ai #ronaldreagan #debate #ideas #topic #stage #cash #credit #laugh #funny #callofduty #lol #lmao #bluesky #fyp #foryoupage #mario

The OT cybersecurity community continues to ignore control system cyber incidents – a governance failure masquerading as a vocabulary issue Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying and addressing cyber incidents. The Verizon Data Breach report, the Dragos 2025 Report, and the OT I Impact Score are typical of OT cyber incident reporting that equate data breaches and ransomware with cyber incidents. Industry and government network security organizations cannot continue to ignore control system cyber incidents because the incidents don’t meet their narrow definition – this is a governance failure masquerading as a vocabulary issue. Network and engineering organizations need to accept the same cyber incident definition, and both network security and engineering organizations receive appropriate controls ystem cyber incident training. Otherwise, comparing numbers and impacts from network versus control system cyber incidents will continue not only to be an exercise in comparing apples to oranges, but will also leave our critical infrastructures dangerously cyber vulnerable. https://www.controlglobal.com/blogs/unfettered/blog/55360902/ot-cybersecurity-is-a-governance-failure-masquerading-as-a-vocabulary-issue Post Views: 22

The OT cybersecurity community continues to ignore control system cyber incidents – a governance failure masquerading as a vocabulary issue Network cybersecurity (IT and OT) and control system or...

#Critical #Infrastructure #General #Topic #Policy #Unfettered

Origin | Interest | Match

ネット上の付き合い｜ポイズン雷花 ネット上の付き合い、それはとても危うく、不安定な物。 何処の誰かも解らない、名前も顔も解らない。解ってるつもりでも、信憑性に欠ける。偽る、成りすますのはごく簡単。 友情、愛情、仲間意識。これらは幻想、或いは勘違いに過ぎん。都合の良い時だけ付き合う、話し掛けて来る。僅かでも都合が悪く成れば簡単に崩壊する、簡単に切り捨てられる。曖昧で脆い関係、情を持つのは愚かしく、自滅を招きかねない。 僅かでも興味な...

ネット上の付き合い
ネット上の付き合い、それはとても危うく、不安定な物。
何処の誰かも解らない、名前も顔も解らない。解ってるつもりでも、信憑性に欠ける。

note.com/poison_raika...

<>

#online #relationship #dangerous #unstable #someone #name #face #credibility #impersonate #friendship #love #camaraderie #illusion #talk #convenient #apart #fragile #topic #slightest #block

Віртуальні стосунки｜ポイズン雷花 Онлайн-стосунки дуже ризиковані та нестабільні. Я не знаю, хто вони і звідки, я не знаю їхніх імен чи облич. Навіть якщо ви думаєте, що розумієте це, це не викликає довіри. Дуже легко збрехати чи вида...

Віртуальні стосунки
Онлайн-стосунки дуже ризиковані та нестабільні.

note.com/poison_raika...

<>

#online #relationship #dangerous #unstable #someone #name #face #credibility #impersonate #friendship #love #camaraderie #illusion #talk #convenient #apart #fragile #topic #slightest #block #kick

The modern wolfish yo mama scared over the defiant, wistful human. #topic

Control system cyber incidents and network breaches are “apples and oranges” Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying cyber incidents. The Verizon Data Breach report is typical of reporting organizations that equate cyber incidents to data breaches. Control system cyber incidents include field device communication issues, automation malfunctions, loss-of-view, loss-of-control, and are not confined to confirmed attacks. Some of these incidents have led to injuries and deaths. Network security and engineering organizations need to accept the same cyber incident definition, and both network security and engineering organizations receive appropriate control system cyber incident training. Otherwise, comparing numbers and impacts from network versus control system cyber incidents will continue to be an exercise in comparing apples to oranges. https://www.controlglobal.com/blogs/unfettered/blog/55360358/control-system-cyber-incidents-are-not-the-same-as-network-breaches Post Views: 21

Control system cyber incidents and network breaches are “apples and oranges” Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and crite...

#Critical #Infrastructure #General #Topic #Policy #Unfettered

Origin | Interest | Match

#online #dangerous ネット上の付き合い - ポイズン雷花の小説 - pixiv ネット上の付き合い、それはとても危うく、不安定な物。 何処の誰かも解らない、名前も顔も解らない。解ってるつもりでも、信憑性に欠ける。偽る、成りすますのはごく簡単。 友情、愛情、仲間意識。これらは幻想、或いは勘違いに過ぎん。都合の良い時だけ付き合う、話し掛けて来る。僅かでも都合が悪

ネット上の付き合い
ネット上の付き合い、それはとても危うく、不安定な物。
何処の誰かも解らない、名前も顔も解らない。解ってるつもりでも、信憑性に欠ける。

www.pixiv.net/novel/show.p...

<>

#online #relationship #dangerous #unstable #someone #name #face #credibility #impersonate #friendship #love #camaraderie #illusion #talk #convenient #apart #fragile #topic #slightest

Should they (we) have known better? In thinking about 29 December 2025 cyber-attack on part of the power grid in Poland one issue at once comes out: THEY SHOULD HAVE KNOWN BETTER. The methods and attack vectors have been known since 2010 (Stuxnet), the attacker has been known since 2015 (GRU first Ukraine attack December 2015 and again in 2016), Alerts, reports, books have been released about these attacks (CISA, Dragos, Govts, Kim Zetter, Andy Greenberg, etc.) and best practices have been available for decades (PERA, ISA 62443, 95, 88), yet the victim used default configurations with some available security settings not enabled! Not the best security choice to make when it is believed that the responsible suspect nation is engaged in a brutal aggression across the border. One more question raised is what is wrong with the distribution and acceptance of lessons learned? This incident was, according to the publicly available information[1], made possible by the attacker simply reaching for the “low hanging fruit” on the victim’s control infrastructure. Is it because the victim is afraid to change anything (removing defaults, enabling something after production starts (if so, what was the system integrator thinking about)? Is it a sign that the operator lacks sufficient knowledge of their systems and operation? Training is certainly available that can address the low hanging fruit issue. Or is it cybergs again i.e… “Things are just fine, no need to send anyone to training, and no need to change what we are used to doing”? I resist saying this incident is another “wake up call”. IMO there have been sufficient alarms not just in this recent case but since 2010. N.B. One of thew definitions of “cyberg” is applied in discussing this incident: “A cyber-related condition whereby a threat, or warning of a possible threat, results in either the misinterpretation or misunderstanding of a given situation, resulting in a decision in which no corrective action is taken” – quote (attributed to yours truly and other definitions available on the cyberg website //cyberg.us (special thanks to Rad Radvanovsky) Link to CERT POLSKA report referred to in this article: https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/?mc_cid=ba8c8a4a98&mc_eid=6d66d59513 . * * * [1] https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/?mc_cid=ba8c8a4a98&mc_eid=6d66d59513 Post Views: 46

Should they (we) have known better? In thinking about 29 December 2025 cyber-attack on part of the power grid in Poland one issue at once comes out: THEY SHOULD HAVE KNOWN BETTER. The methods and a...

#General #Topic

Origin | Interest | Match

Should they (we) have known better? In thinking about 29 December 2025 cyber-attack on part of the power grid in Poland one issue at once comes out: THEY SHOULD HAVE KNOWN BETTER. The methods and attack vectors have been known since 2010 (Stuxnet), the attacker has been known since 2015 (GRU first Ukraine attack December 2015 and again in 2016), Alerts, reports, books have been released about these attacks (CISA, Dragos, Govts, Kim Zetter, Andy Greenberg, etc.) and best practices have been available for decades (PERA, ISA 62443, 95, 88), yet the victim used default configurations with some available security settings not enabled! Not the best security choice to make when it is believed that the responsible suspect nation is engaged in a brutal aggression across the border. One more question raised is what is wrong with the distribution and acceptance of lessons learned? This incident was, according to the publicly available information[1], made possible by the attacker simply reaching for the “low hanging fruit” on the victim’s control infrastructure. Is it because the victim is afraid to change anything (removing defaults, enabling something after production starts (if so, what was the system integrator thinking about)? Is it a sign that the operator lacks sufficient knowledge of their systems and operation? Training is certainly available that can address the low hanging fruit issue. Or is it cybergs again i.e… “Things are just fine, no need to send anyone to training, and no need to change what we are used to doing”? I resist saying this incident is another “wake up call”. IMO there have been sufficient alarms not just in this recent case but since 2010. N.B. One of thew definitions of “cyberg” is applied in discussing this incident: “A cyber-related condition whereby a threat, or warning of a possible threat, results in either the misinterpretation or misunderstanding of a given situation, resulting in a decision in which no corrective action is taken” – quote (attributed to yours truly and other definitions available on the cyberg website //cyberg.us (special thanks to Rad Radvanovsky) Link to CERT POLSKA report referred to in this article: https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/?mc_cid=ba8c8a4a98&mc_eid=6d66d59513 . * * * [1] https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/?mc_cid=ba8c8a4a98&mc_eid=6d66d59513 Post Views: 46

Should they (we) have known better? In thinking about 29 December 2025 cyber-attack on part of the power grid in Poland one issue at once comes out: THEY SHOULD HAVE KNOWN BETTER. The methods and a...

#General #Topic

Origin | Interest | Match

#Write your #Story.
The #topic is
#Maximum #Empathy

Original post on friendica.world

A quotation from **Samuel Johnson**

> It is commonly observed, that when two Englishmen meet, their first talk is of the weather; they are in haste to tell each other, what each must already know, that it is hot or cold, bright or cloudy, windy or calm.

**Samuel Johnson** (1709-1784) English […]

Why do potatosecurity organizations refuse to identify control system potato incidents Potatosecurity policies require that potato incidents be identified as such. Potato incident response plans are the...

#Critical #Infrastructure #General #Topic #Policy #Unfettered

Origin | Interest | Match

Why do cybersecurity organizations refuse to identify control system cyber incidents Cybersecurity policies require that cyber incidents be identified as such. Cyber incident response plans are then initiated after incidents are identified as being cyber-related. To meet those goals, training is required to be able to identify control system incidents as being cyber-related and a mechanism to disseminate this information on control system cyber incidents throughout the organization as well as to relevant outside entities. Control system cyber incidents affect physics and therefore there are often physical reactions. That is trains crash,planes crash, lights go out, water supply is compromised, pipelines burst,robots “misbehave”, etc. You can’t hide the impacts, but people often can’t (or won’t) identify the incidents as being cyber-related. US government reports from NTSB, NRC, DOE, EPA, TSA, FDA, etc.have not identified many control system incidents as being cyber-related nor have many international government organizations either. Neither have industry organizations such as NERC. Government and industry cyber information sharing programs are about vulnerabilities not consequences. A concern about control system cyber incident disclosure was identified after 9/11 – connecting the dots. This is made more difficult with the silos between sectors and federal law enforcement withholding information that a cyber incident has occurred until an indictment is issued which can be a year or more. https://www.controlglobal.com/blogs/unfettered/blog/55356232/cybersecurity-organizations-must-identify-control-system-cyber-incidents Post Views: 8

Why do cybersecurity organizations refuse to identify control system cyber incidents Cybersecurity policies require that cyber incidents be identified as such. Cyber incident response plans are the...

#Critical #Infrastructure #General #Topic #Policy #Unfettered

Origin | Interest | Match

#ScreenshotSaturday I also make the music for my games #fyp #ad #gamedev #indiedev #pcgaming #videogames #music #flstudio #production #hustle #LFG #videogamemusic #trending #viral #foryoupage #bluesky #app #topic #audio

#Media #Censored #Topic #Medical #hedgefunds #Profit #Insurance #stealing from #Medicare #Disabled thru MediGap Advantage 4Profit crap🚨 not payng denying charges for care from qualified hospital clinics who now refuse Medigap who then payoff low/not certified clinics providers patients cannot get

Security Researchers Breach Moltbook in Record Time Security researchers from cloud cybersecurity firm Wiz disclosed a critical vulnerability in Moltbook, a newly launched social network designed for AI agents, that allowed them to breach the platform’s backend and access private information in under three minutes. Moltbook is a newly launched social network built exclusively for “authentic” AI agents. According to the researcher, the vulnerability allowed unauthorized access to application data, including user-related information and authentication material. The Moltbook breach stemmed from basic security design gaps that allowed core protections to be bypassed. ## What is Moltbook? Moltbook presents itself as a kind of social environment for AI agents, where automated systems can interact, share information, and perform tasks in a shared platform. This concept places it in a fast-growing category of tools built around autonomous or semi-autonomous AI systems rather than traditional human users. Platforms like this are part of a broader shift toward AI-native applications, where large parts of the logic, workflows, and interactions are driven by models and automated agents. These systems often move quickly from concept to public availability, especially when built with heavy use of AI-assisted development tools. ## How the Authentication Was Bypassed One of the central issues described in the research involved a simple manipulation of an application parameter tied to request validation. By changing a value that indicated whether a request was valid, the researcher was reportedly able to move past authentication checks that should have blocked access. ## Database Misconfiguration and Access Control Failure Beyond the authentication bypass, the researcher also described issues at the database layer. Cloud database settings were reportedly configured in a way that did not properly restrict which records could be accessed by which users or processes. Row Level Security, a mechanism designed to ensure that users can only see the data they are authorized to access, was either misconfigured or ineffective in this environment. When these controls fail, an attacker who reaches the database can often view or extract large volumes of information. This combination of application-level access control weaknesses and database-level misconfiguration is a common pattern in modern cloud incidents. Each layer may appear functional on its own, but gaps between them create a path for broad exposure. ## The Role of AI in Finding and Exploiting the Flaw Another notable aspect of the case is how AI tools were reportedly used during the research process. The researcher described using an AI coding assistant to help analyze the application behavior and identify weak points more quickly. In environments where applications are themselves built using AI-assisted methods, the feedback loop becomes even tighter. Systems developed quickly with automated help may be analyzed just as quickly by attackers using similar tools. ## What This Says About AI-Built Applications The incident feeds into a larger discussion about what some in the industry call vibe coding, where developers rely heavily on AI tools to generate code and assemble systems with limited manual engineering. While this can increase speed and lower barriers to building complex platforms, it can also lead to gaps in threat modeling, access control design, and secure configuration. Traditional secure development practices such as strict input validation, least privilege access, and layered defense still apply. When these fundamentals are not deeply integrated, modern cloud platforms can expose large amounts of data with relatively simple techniques. AI-driven applications do not change the core principles of security. They often increase the scale and speed at which mistakes can have an impact. ## Implications for Organizations and Developers For organizations experimenting with AI agent platforms, rapid prototypes, or AI-assisted development, this case is a reminder that security architecture cannot be treated as a later phase. Access control logic, database segmentation, and configuration hardening need to be designed as part of the system, not added after public release. For security teams, the incident shows how important it is to review not just code, but also cloud configurations and how application logic interacts with underlying data stores. Misalignment between these layers is a frequent source of exposure. The post Security Researchers Breach Moltbook in Record Time appeared first on Centraleyes. *** This is a Security Bloggers Network syndicated blog from Centraleyes authored by Rebecca Kappel. Read the original post at: https://www.centraleyes.com/security-researchers-breach-moltbook-in-record-time/

Security Researchers Breach Moltbook in Record Time Security researchers from cloud cybersecurity firm Wiz disclosed a critical vulnerability in Moltbook, a newly launched social network designed f...

#Security #Bloggers #Network #News #& #Updates #Topic

Origin | Interest | Match

Enjoying my dinner whit a good soul 🐈‍⬛

🎀 Jessy.Live

#celebtration #live #love #happy #peace #world #freedom #cats #plants #ochean #art #foto #news #link #cute #books #journal #sport #fitness #education #highscool #creator #hollywood #venezuela #trump #political #topic #woods #art #artist #live

Inverter setting mismatch triggers 1GW HVDC outage between Estonia and Finland In January 2026, a technical incident occurred in Estonia during testing of the new 100MW Hertz 1 (Kiisa) battery energy storage system (BESS). The event triggered protective relays, resulting in the emergency shutdown of over 1GW of HVDC capacity, specifically the EstLink 1 and EstLink 2 interconnectors. The root cause was an incorrect parameter configuration in the BESS Nidec Conversion grid-forming inverters, which induced low-frequency network oscillations. The feedback gains within the Virtual Synchronous Machine control algorithms were set with excessive sensitivity, effectively amplifying rather than damping the oscillations. I recall similar experiments in Matlab while modeling excitation controllers for synchronous machines during my diploma project. Back then, the physical inertia of real synchronous machines limited the visibility of such transients on a gigawatt scale. Now, with the rise of high-capacity inverter-based resources, these scenarios have become a physical reality. The issue has already been resolved by increasing response delays and tuning down the feedback gain coefficients. However, this case is the first practical demonstration I have witnessed of a well-known theoretical vulnerability: the susceptibility of inverter-dominated grids to cyber threats. While this specific incident was not a cyberattack but a standard test on high-power equipment, it highlights a critical risk. A simple modification of feedback gains in inverter control loops can lead to massive grid instability. BESS invertors requires the same level of protection and rigorous safety standards as nuclear or aviation control systems. And not only utility-scale BESS, but all grid-forming units connected to the entso-e grid. What was once a theoretical concern has now been proven in practice. Post Views: 16

Inverter setting mismatch triggers 1GW HVDC outage between Estonia and Finland In January 2026, a technical incident occurred in Estonia during testing of the new 100MW Hertz 1 (Kiisa) battery ener...

#Electric #General #Topic #Unfettered

Origin | Interest | Match

Good morning 🌞 🐈‍⬛😻
#happynewyear #celebtration #live #love #happy #peace #world #freedom #cats #plants #ochean #art #foto #news #link #cute #books #journal #sport #fitness #education #highscool #blonde #creator #star #hollywood #venezuela #trump #political #topic #woods #art #artist #live

When u exactly know that you are the household 😎😎😎

#celebtration #live #love #happy #peace #world #freedom #cats #plants #ochean #art #foto #news #link #cute #books #journal #sport #fitness #education #highscool #creator #hollywood #venezuela #trump #political #topic #woods #art #artist #live

Im back live
👉 Jessy.Live

#happynewyear #celebtration #live #love #happy #peace #world #freedom #cats #plants #ochean #art #foto #news #link #cute #books #journal #sport #fitness #education #highscool #blonde #creator #star #hollywood #venezuela #trump #political #topic #woods #art #artist #live