Podcasts about Authorization

In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sean Martin connects with event speaker, Wojciech Dworakowski, to unpack a critical and underexamined issue in today's financial systems: the vulnerability of mobile-only banking apps when it comes to transaction authorization.Wojciech points out that modern banking has embraced the mobile-first model—sometimes at the cost of fundamental security principles. Most banks now concentrate transaction initiation, security configuration, and transaction authorization into a single device: the user's smartphone. While this offers unmatched convenience, it also creates a single point of failure. If an attacker successfully pairs their phone with a victim's account, they can bypass multiple layers of security, often without needing traditional credentials.The discussion explores the limitations of relying solely on biometric options like Face ID or Touch ID. These conveniences may appear secure but often weaken the overall security posture when used without additional independent verification mechanisms. Wojciech outlines how common attack strategies have shifted from stealing credit card numbers to full account takeover—enabled by social engineering and weak device-pairing controls.He proposes a “raise the bar” strategy rather than relying on a single silver-bullet solution. Suggestions include enhanced device fingerprinting, detection of emulators or rooted environments, and shared interbank databases for device reputation and account pairing anomalies. While some of these are already in motion under new EU and UK regulations, they remain fragmented.Wojciech also introduces a bold idea: giving users a slider in the app to adjust their personal balance of convenience vs. security. This kind of usability-driven approach could empower users while still offering layered defense.For CISOs, developers, and FinTech leaders, the message is clear—evaluate your app security as if attackers already know the shortcuts. Watch the full conversation to hear Wojciech's real-world examples, including a cautionary tale from his own family. Catch the episode and learn how to design financial security that's not just strong—but usable.GUEST: Wojciech Dworakowski | OWASP Poland Chapter Board Member and Managing Partner at SecuRing | https://www.linkedin.com/in/wojciechdworakowski/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Send us a textSunday, May 25, 2025, message from Apostle Tommy MillerPart of Heaven Here, Heaven Now 2025 conference weekendAlso part of Governing Contradiction seriesRecoded live from Legacy Church in New Philadelphia, Ohio.#asheis #asheissoareweinthisworld #unveiled #conscience #sons #manifestsons #union #legacychurchoh #newcreation #jesus #church #jesuschrist #gospel #transfigured #revelator #apostle #deathless #immortality #believe #bible #creator #godisgood #grace #hope #sermonshots #sermonclips #holyspirit #love #godislove #kingdom #peace #freedom #facebook #memes #truth #inspiration #motivationalquotes #vibes #positivevibes #christ #jesuslovesyou #russellbrand #jordanbpeterson #joerogan #atm #tommymillerGet more life-changing content and community here:https://linktr.ee/tommymiller Support the show

Send us a textNavigating the complex landscape of authentication frameworks is essential for any cybersecurity professional, especially those preparing for the CISSP exam. This deep-dive episode unravels the intricate world of authentication systems that protect our digital identities across multiple platforms and services.We begin by examining OAuth 2.0 and OpenID Connect (OIDC), exploring how these token-based frameworks revolutionize third-party authentication without exposing user credentials. When you click "Login with Google," you're experiencing these protocols in action—reducing password reuse while maintaining security across digital services. Learn the difference between authorization flows and how these systems interact to verify your identity seamlessly across the web.The podcast then transitions to Security Assertion Markup Language (SAML), breaking down how this XML-based protocol establishes trust between identity providers and service providers. Through practical examples, we illustrate how SAML enables web single sign-on capabilities across educational institutions, corporate environments, and cloud services—creating that "connective tissue" between disparate systems while enhancing both security and user experience.Kerberos, MIT's powerful network authentication protocol, takes center stage as we explore its ticketing system architecture. Named after the three-headed dog of Greek mythology, this protocol's Authentication Service, Ticket Granting Service, and Key Distribution Center work in concert to verify identities without transmitting passwords across networks. We also discuss critical considerations like time synchronization requirements that can make or break your Kerberos implementation.For remote authentication scenarios, we compare RADIUS and TACACS+ protocols, highlighting their distinct approaches to the AAA (Authentication, Authorization, and Accounting) framework. Discover why network administrators choose UDP-based RADIUS for general network access while preferring the TCP-based TACACS+ for granular administrative control with command-level authorization and full payload encryption.Whether you're studying for the CISSP exam or looking to strengthen your organization's security posture, this episode provides the knowledge foundation you need to implement robust authentication systems in today's interconnected world. Visit CISSP Cyber Training for additional resources to support your cybersecurity journey.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Joyce discusses the Supreme court voting 4 to 4 to reject the authorization for the first public Christian charter school.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Executive Summary:This document summarizes key instructions and guidelines provided for the completion of the first draft of the thesis paper and preparation for the mock presentations. The sources emphasize adherence to formatting requirements (APA 7th edition), content guidelines for specific sections (Abstract, Introduction, Literature Review, Method, Results/Discussion, Conclusion, Appendices, References), and preparation strategies for the mock presentations, including content, delivery, and technical aspects. Key themes include attention to detail in formatting, summarizing the paper effectively, and practicing delivery and anticipating questions for the presentation.Key Themes and Ideas:* Hard Copy Draft Review: Students are required to submit a hard copy of their first completed draft. A quick self-review in groups is encouraged, focusing on specific formatting elements.* Headings: Check that all headings (except in the method section) have 6 to 12 words. Main words should be capitalized. No punctuation should be at the end of any heading. Method section headings (Participants, Instruments, Procedure, Data Analysis) can be shorter.* Page Breaks: Specific pages should be on their own page: Title page, Authorization page, Abstract, Table of Contents, Figures/Tables (if applicable), and each Appendix. The body of the paper (Literature Review through the Conclusion paragraph) should have no page breaks.* Spacing: The entire paper should be double-spaced, with no extra space between paragraphs, headings, and text. References are an exception, with single spacing within the reference and double spacing between references.* Indentation: Each paragraph, except for the Abstract, should have a half-inch indentation.* Paragraph Count: The Abstract, Participants, Instruments, Procedure, and Data Analysis sections should each consist of only one paragraph. The final paragraph of the paper is considered the Conclusion paragraph and does not require a separate "Conclusion" heading.* Appendix Formatting: Each appendix should start on a new page with a Level 1 heading (e.g., "Appendix A") at the very top line, followed by a Level 2 heading for the appendix title.* Title Recommendations: The instructor suggests using ChatGPT to generate title ideas now that the paper is mostly complete.* If the title is longer than one line, force a return to distribute words more or less equally across two lines.* Single-space the title.* Improving Writing (Verb Usage): Students are encouraged to review their paper for overuse of the verbs "to have," "to be," and "to make" (as lexical verbs). While not forbidden, excessive use may indicate areas for improvement by substituting more dynamic verbs, often converting nouns into verbs. The instructor provides an example of how to rewrite sentences to be more concise and dynamic.* Mock Presentation Structure and Timing: The mock presentation is 20 minutes long with a 10-minute Q&A. The entire class scheduled for a specific day is expected to observe all presentations on that day.* Suggested Slide Order: Title slide, Problem and Purpose, Literature Review (multiple slides), Method, Results and Discussion (multiple slides), Conclusions, Thank You.* Approximate Timing: Problem and Purpose (30 seconds to 1 minute), Literature Review (approximately 8 minutes), Method (approximately 2 minutes), Results and Discussion (approximately 9-10 minutes).* Presentation Content: Present only the essential information that directly relates to the research questions and analyzed data. Do not attempt to present everything from the written paper due to time constraints.* Mock Presentation Delivery and Technical Aspects:* Preparation: Practice the presentation, ideally recording oneself and timing each section. Consider practicing in front of someone.* Slides: Slides are meant to support the speaker, not to be read directly. They should function as "big note cards" with key points or ideas. Each slide should focus on one main point and include a heading. Avoid paragraphs and excessive text on slides.* Visuals: Make slides visually appealing but not distracting. Use visuals like graphs, charts, tables, and images from the paper, simplifying or modifying them for the presentation. Use no more than three different font styles and sizes, and choose easy-to-read fonts. Avoid animations and complex color schemes that might reduce contrast.* Technology: Coordinate with classmates to use one computer for presentations on a given day. Test equipment beforehand, turn off automatic updates, and ensure the computer is fully charged and doesn't go to sleep. Have a backup of the presentation file (e.g., on a USB drive in addition to the computer).* Delivery: Focus on the message, not personal nervousness. Maintain eye contact with the audience, specifically the examiners during the final defense, distributing attention among them. Bring a water bottle.* Anticipate Questions: Prepare for potential questions, including definitions of key terms used in the study.* Final Oral Defense Considerations:* Similar guidelines to the mock presentation, but attendance is by invitation only (family, friends, classmates).* Coordinate bringing refreshments for the examiners.* Arrive at least 30 minutes early with guests.* Maintain eye contact, especially with examiners.* No microphone is expected to be needed; speak loudly and project.* Present from the stage or on the floor in front of the stage, based on comfort.* Paper Submission: Submit three hard copies of the first completed draft. Confirm that the version in Microsoft Teams is the same as the hard copy. The final paper (Word document and three hard copies) is due officially one week before the scheduled presentation.Quotes:* "Make sure that the headings all of the headings have 6 to 12 words except for the headings in the method section."* "Check each heading to make sure that the main words are capitalized."* "Finally, check at the end of each heading. No punctuation, no period, no colon, no. Nothing."* "The body of the paper, there are no page brakes."* "Make sure each appendix has a page break and appears at the very top line."* "Make sure that each paragraph with the exception of the abstract has a half of an inch indentation."* "Look at the abstracts. Each section of the method and your conclusion to make sure you only have one paragraph."* "Today, I'm going to receive your uh hard copies of your first completed draft. This is an important milestone, right?"* "Today I want to spend just a few minutes very quickly all of us taking a look at your document, making a few notes very very quick."* "I would recommend trying and experimenting with chatt to give you some ideas of titles now that your paper has been completed."* "If your title extends longer than one line... force a return... single space the title."* "I want you to see how many times you're using three birds. to have, to be, to make."* "The problem in general is when we're using a bunch of times these verbs voice passive and there is there are. The problem is we have a lot of nouns that could be converted to a verb."* "We need to be prepared on Monday, well, whenever you're presenting, for a 20 minute presentation with a 10 minute question and answer."* "Remember your presentation is there to support what you are saying, not vice versa."* "Think of the the PowerPoint presentation the slides as big cards note cards."* "We don't want any distractions, right? It's a distraction when you're speaking and somebody's coming in and out."* "Maintain eye contact... try to connect to those examiners because they're the ones that are going to give you the grades."Source 2: Excerpts from "TS Recap 15.mp4"This source provides a recap of Week 15 for Thesis Seminar, focusing on the requirements for the first completed draft of the thesis paper due the same week.Key Themes and Ideas:* First Completed Draft Requirements: The first completed draft is due as a hard copy. Students should refer to the course guidelines for detailed requirements, including approximate word counts.* Introduction Paragraph: Should start with a hook, provide context for the problem, and end with the thesis statement.* Transitional Paragraph: Should restate the thesis statement, summarize the problem, introduce the research questions, and conclude with a closing statement.* Conclusion Paragraph (End of Results and Discussion): Approximately 250 words. Should begin by restating and rewording the thesis statement, discuss study limitations and significance, suggest future research, and end with a closing statement.* Abstract: Should be on its own page, follow the provided template, and be one paragraph of approximately 250 words. It should summarize the entire paper: problem, method (participants, data collection, analysis), findings, and conclusions/implications. It serves as a snapshot for readers to decide if they want to read the full paper.* Formatting (Reinforced):Title: 6 to 12 words.* Spacing: Double-spaced throughout the paper (except references).* Alignment: Left-justified.* Indentation: 0.5-inch indentation for all paragraphs except the Abstract.* References: Adhere to APA 7th edition. Use a hanging indent (French indentation). Single-space within each reference and double-space between references.* Appendices: Each appendix on a new page with a Level 1 heading ("Appendix A," etc.) and a Level 2 heading for the title. Use the specified font styles (Level 1 APA, Level 2 APA, etc.) for headings.* Table of Contents: Should be updatable based on correctly formatted headings.* Approximate Word Counts: Provides word count guidelines for major sections: Literature Review (approx. 2250 words), Results and Discussion (approx. 2250 words), Method (approx. 500 words, divided among Participants, Instruments and Procedure, Data Analysis).Quotes:* "This week, we need to finish our first draft. And today, I want to talk about what should be included in your completed first draft. Uh a hard copy that you're to turn in by noon this Thursday, May 22nd, 2025."* "Make sure that you've uh reviewed the course guidelines that are available in Microsoft Teams... it includes a section with approximate word counts."* "Your paper should include an introductory or an introduction paragraph... make sure that the uh the introduction paragraph begins with a hook. It offers the context of the problem and it concludes by stating your thesis statement."* "The conclusion paragraph to end your results and discussion section should be approximately 250 words and begin again with your thesis statement restated and rewarded."* "After restating your thesis statement, you can talk about um any limitations that you find... include the significance of your study and also future research."* "The abstract should be on its own page... Should be one paragraph, approximately 250 words, and should state basically summarize uh your whole paper."* "Think of the abstract as a kind of a snapshot of your whole paper."* "Make sure you have a title of your paper, 6 to 12 words."* "Your whole paper should be double spaced, left justified."* "All paragraphs should have a uh 0.5 in indentation with the exception of the abstract."* "Double check your list of references making sure that they adhere to APA 7th edition."* "Make sure you using a French indentation or a uh a hanging indent."* "Each appendix should have a level one heading that states which appendix it is... And then as a level two, I would include the title of the of the appendix."Conclusion:Both sources provide essential guidance for completing the thesis paper draft and preparing for the mock presentations. The first source delves deeply into specific formatting checks and detailed presentation strategies, while the second source provides a concise overview of the key components and formatting requirements for the written draft. Students are strongly encouraged to meticulously review their drafts against the provided guidelines, practice their presentations thoroughly, and anticipate questions to ensure a successful mock presentation and final defense. Attention to detail in both the written document and the presentation delivery is paramount.Recap for Week 15Configuring tables and figures This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit benjaminlstewart.substack.com

GoldenGate 23ai takes security seriously, and this episode unpacks everything you need to know. GoldenGate expert Nick Wagner breaks down how authentication, access roles, and encryption protect your data.   Learn how GoldenGate integrates with identity providers, secures communication, and keeps passwords out of storage. Understand how trail files work, why they only store committed data, and how recovery processes prevent data loss.   Whether you manage replication or just want to tighten security, this episode gives you the details to lock things down without slowing operations.   Oracle GoldenGate 23ai: Fundamentals: https://mylearn.oracle.com/ou/course/oracle-goldengate-23ai-fundamentals/145884/237273 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   --------------------------------------------------------------   Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.  Nikita: Welcome, everyone! This is our fourth episode on Oracle GoldenGate 23ai. Last week, we discussed the terminology, different processes and what they do, and the architecture of the product at a high level. Today, we have Nick Wagner back with us to talk about the security strategies of GoldenGate. 00:56 Lois: As you know by now, Nick is a Senior Director of Product Management for GoldenGate at Oracle. He's played a key role as one of the product designers behind the latest version of GoldenGate. Hi Nick! Thank you for joining us again. Can you tell us how GoldenGate takes care of data security? Nick: So GoldenGate authentication and authorization is done in a couple of different ways. First, we have user credentials for GoldenGate for not only the source and target databases, but also for GoldenGate itself. We have integration with third-party identity management products, and everything that GoldenGate does can be secured. 01:32 Nikita: And we must have some access roles, right? Nick: There's four roles built into the GoldenGate product. You have your security role, administrator, operator, and user. They're all hierarchical. The most important one is the security user. This user is going to be the one that provides the administrative tasks. This user is able to actually create additional users and assign roles within the product. So do not lose this password and this user is extremely important. You probably don't want to use this security user as your everyday user. That would be your administrator. The administrator role is able to perform all administrative tasks within GoldenGate. So not only can they go in and create new extracts, create new replicats, create new distribution services, but they can also start and stop them. And that's where the operator role is and the user role. So the operator role allows you to go in and start/stop processes, but you can't create any new ones, which is kind of important. So this user would be the one that could go in and suspend activity. They could restart activity. But they can't actually add objects to replication. The user role is really a read-only role. They can come in. They can see what's going on. They can look at the log files. They can look at the alerts. They can look at all the watches and see exactly what GoldenGate is doing. But they're unable to make any changes to the product itself. 02:54 Lois: You mentioned the roles are hierarchical in nature. What does that mean? Nick: So anything that the user role does can be done by the operator. Anything that the operator and user roles can do can be done by the administrator. And anything that the user, operator, and administrator roles do can be done by the security role. 03:11 Lois: Ok. So, is there a single sign-on available for GoldenGate? Nick: We also have a password plugin for GoldenGate Connections. A lot of customers have asked for integration with whatever their single sign-on utility is, and so GoldenGate now has that with GoldenGate 23ai. So these are customer-created entities. So, we have some examples that you can use in our documentation on how to set up an identity provider or a third-party identity provider with GoldenGate. And this allows you to ensure that your corporate standards are met. As we started looking into this, as we started designing it, every single customer wanted something different. And so instead of trying to meet the needs for every customer and every possible combination of security credentials, we want you to be able to design it the way you need it. The passwords are never stored. They're only retrieved from the identity provider by the plugin itself. 04:05 Nikita: That's a pretty important security aspect…that when it's time to authenticate a user, we go to the identity provider. Nick: We're going to connect in and see if that password is matching. And only then do we use it. And as soon as we detect that it's matched, that password is removed. And then for the extract and replicats themselves, you can also use it for the database, data source, and data target connections, as well as for the GoldenGate users. So, it is a full-featured plugin. So, our identity provider plugin works with IAM as well as OAM. These are your standard identity manager authentication methods. The standard one is OAuth 2, as well as OIDC. And any Identity Manager that uses that is able to integrate with GoldenGate. 04:52 Lois: And how does this work? Nick: The way that it works is pretty straightforward. Once the user logs into the database, we're going to hand off authentication to the identity provider. Once the identity provider has validated that user's identity and their credentials, then it comes back to GoldenGate and says that user is able to log in to either GoldenGate or the application or the database. Once the user is logged in, we get that confirmation that's been sent out and they can continue working through GoldenGate. So, it's very straightforward on how it works. There's also a nice little UI that will help set up each additional user within those systems. All the communication is also secured as well. So any communication done through any of the GoldenGate services is encrypted using HTTPS. All the REST calls themselves are all done using HTTPS as well. All the data protection calls and all the communication across the network when we send data across a distribution service is encrypted using a secure WebSocket. And there's also trail file encryption at the operating system level for data at REST. So, this really gives you the full level of encryption for customers that need that high-end security. GoldenGate does have an option for FIPS 140-2 compliance as well. So that's even a further step for most of those customers. 06:12 Nikita: That's impressive! Because we want to maintain the highest security standards, right? Especially when dealing with sensitive information. I now want to move on to trail files. In our last episode, we briefly spoke about how they serve as logs that record and track changes made to data. But what more can you tell us about them, Nick? Nick: There's two different processes that write to the trail files. The extract process will write to the trail file and the receiver service will write to the trail file. The extract process is going to write to the trail file as it's pulling data out of that source database. Now, the extract process is controlled by a parameter file, that says, hey, here's the exact changes that I'm going to be pulling out. Here's the tables. Here's the rows that I want. As it's pulling that data out and writing it to the trail files, it's ensuring that those trail files have enough information so that the replicat process can actually construct a SQL statement and apply that change to that target platform. And so there's a lot of ways to change what's actually stored in those trail files and how it's handled. The trail files can also be used for initial loads. So when we do the initial load through GoldenGate, we can grab and write out the data for those tables, and that excludes the change data. So initial loads is pulling the data directly from the tables themselves, whereas ongoing replication is pulling it from the transaction logs. 07:38 Lois: But do we need to worry about rollbacks? Nick: Our trail files contain committed data only and all data is sequential. So this is two important things. Because it contains committed data only, we don't need to worry about rollbacks. We also don't need to worry about position within that trail file because we know all data is sequential. And so as we're reading through the trail file, we know that anything that's written in a prior location in that trial file was committed prior to something else. And as we get into the recovery aspects of GoldenGate, this will all make a lot more sense. 08:13 Lois: Before we do that, can you tell us about the naming of trail files? Nick: The trail files as far as naming, because these do reside on the operating system, you start with a two-letter trail file abbreviation and then a nine-digit sequential value. So, you almost look at it as like an archive log from Oracle, where we have a prefix and then an affix, which is numeric. Same kind of thing. So, we have our two-letter, in this case, an ab, and then we have a nine-digit number. 08:47 Transform the way you work with Oracle Database 23ai! This cutting-edge technology brings the power of AI directly to your data, making it easier to build powerful applications and manage critical workloads. Want to learn more about Database 23ai? Visit mylearn.oracle.com to pick from our range of courses and enroll today! 09:12 Nikita: Welcome back! Ok, Nick. Let's get into the GoldenGate recovery process. Nick: When we start looking at the GoldenGate recovery process, it essentially makes GoldenGate kind of point-in-time like. So on that source database, you have your extract process that's going to be capturing data from the transaction logs. In the case of Oracle, the Oracle Database is actually going to be reading those transaction logs from us and passing the change records directly to GoldenGate. We call them an LCR, Logical Change Record. And so the integrated extract and GoldenGate, the extract portion tells the database, hey, I'm now going to be interested in the following list of tables. And it gives a list of tables to that internal component, the log mining engine within the database. And it says, OK, I'm now pulling data for those tables and I'm going to send you those table changes. And so as the extract process gets sent those changes, it's going to have checkpoint information. So not only does it know where it was pulling data from out of that source database, but what it's also writing to the trail file. The trail files themselves are all sequential and they have only committed data, as we talked about earlier. The distribution service has checkpoint information that says, hey, I know where I'm reading from in the previous trail file, and I know what I've sent across the network. The receiver service is the same thing. It knows what it's receiving, as well as what it's written to the trail file and the target system. The replicat also has a checkpoint. It knows where it's reading from in the trail file, and then it knows what it's been applying into that target database.  This is where things start to become a little complicated. Our replicat process in most cases are parallel, so it'll have multiple threads applying data into that target database. Each of those threads is applying different transactions. And because of the way that the parallelism works in the replicat process, you can actually get situations where one replicat thread might be applying a transaction higher than another thread. And so you can eliminate that sequential or serial aspect of it, and we can get very high throughput speeds to the replicat. But it means that the checkpoint needs to be kind of smart enough to know how to rebuild itself if something fails. 11:32 Lois: Ok, sorry Nick, but can you go through that again? Maybe we can work backwards this time?  Nick: If the replicat process fails, when it comes back up, it's going to look to its checkpoint tables inside that target database. These checkpoint tables keep track of where each thread was at when it crashed. And so when the replicat process restarts, it goes, oh, I was applying these threads at this location in these SCNs. It'll then go and read from the trail file and say, hey, let me rebuild that data and it only applies transactions that it hasn't applied yet to that target system. There is a synchronized replicat command as well that will tell a crashed replicat to say, hey, bring all your threads up to the same high watermark. It does that process automatically as it restarts and continues normal replication. But there is an option to do it just by itself too. So that's how the replicat kind of repairs and recovers itself. It'll simply look at the trail files. Now, let's say that the replicat crashed, and it goes to read from the trail files when it restarts and that trail profile is missing. It'll actually communicate to the distribution, or excuse me, to the receiver service and say, hey, receiver service, I don't have this trail file. Can you bring it back for me? And the receiver service will communicate downstream and say, hey, distribution service, I need you to resend me trail find number 6. And so the distribution service will resend that trail file so that the replicat can reprocess it. So it's often nice to have redundant environments with GoldenGate so we can have those trail files kind of around for availability. 13:13 Nikita: What if one of these files gets corrupted? Nick: If one of those trail files is corrupt, let's say that a trail file on the target site became corrupt and the replicat can't read from it for one reason or another. Simply stop the replicat process, delete the corrupt trail file, restart the replicat process, and now it's going to rebuild that trail file from scratch based on the information from the source GoldenGate environment. And so it's very recoverable. Handles it all very well. 13:40 Nikita: And can the extract process bounce back in the same way? Nick: The extract process can also recover in a similar way. So if the extract process crashes, when it restarts itself, there's a number of things that it does. The first thing is it has to rebuild any open transactions. So it keeps all sorts of checkpoint information about the oldest transaction that it's keeping track of, any open transactions that haven't been committed, and any other transactions that have been committed that it's already written to the trail file. So as it's reprocessing that data, it knows exactly what it's committed to trail and what hasn't been committed. And there's a number of ways that it does this.  There's two main components here. One of them is called bounded recovery. Bounded recovery will allow you to set a time limit on transactions that span a certain length of time that they'll actually get flushed out to disk on that GoldenGate Hub. And that way it'll reduce the amount of time it takes GoldenGate to restart the extract process. And the other component is cache manager. Cache manager stores uncommitted transactions. And so it's a very elegant way of rebuilding itself from any kind of failure. You can also set up restart profiles so that if any process does crash, the GoldenGate service manager can automatically restart that service an x number of times across y time span. So if I say, hey, if my extract crashes, then attempt to restart it 100 times every 5 seconds. So there's a lot of things that you can do there to make it really nice and automatic repair itself and automatically resilient.  15:18 Lois: Well, that brings us to the end of this episode. Thank you, Nick, for going through the security strategies and recovery processes in such detail. Next week, we'll look at the installation of GoldenGate. Nikita: And if you want to learn more about the topics we discussed today, head over to mylearn.oracle.com and take a look at the Oracle GoldenGate 23ai Fundamentals course. Until next time, this is Nikita Abraham… Lois: And Lois Houston signing off! 15:44 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Welcome to episode 2 of season 3 of the Identity Jedi Show! In this jam-packed episode, we dive into the complex world of authorization. Our special guest, David Broussard, CTO of Axiomatic, joins us to talk about different aspects of authorization including PDPs, PPPs, token-based access control, and the challenges of externalizing authorization. We also explore the future of identity and authorization frameworks, the role of shared signals, and how companies should balance responsibilities between vendors and customers. Don't miss out on this insightful discussion!Blog by Nishant Kaushik → https://blog.talkingidentity.com/2025/05/the-innovation-we-need-is-strategic-not-technical.htmlOpen Letter by Patrick Opet ( CISO JPMorgan Chase) → https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliersIDJ Newsletter → https://www.theidentityjedi.comCheck out some of my favorite Leovici Items!Leovici Identity Jedi → https://leovici.goaffpro.com/shop/identityjedi00:00 Introduction and Episode Overview01:15 Housekeeping and Platform Announcements02:01 Deep Dive into Authorization07:25 Interview with David Broussard14:07 Developer Insights and Authorization Models23:06 CISO Perspective on Authorization26:22 The Threat to Smaller Vendors27:20 Introduction to Shared Signals Framework28:36 Real-Time Authorization and Risk Management33:52 The Importance of User Experience in Enterprise Apps40:40 Future of Authorization and Developer Experience41:48 Magic Wand for Authorization Market43:46 Final Thoughts and Wrap-Up

In dieser Folge spreche ich mit János Reimer, Head of Consulting bei Pointsharp, über den Einsatz von KI im SAP-Berechtigungswesen. Im Mittelpunkt steht der sogenannte Authorization Robot, ein Tool, das bei der Erstellung und Optimierung von SAP-Berechtigungskonzepten unterstützen soll. Wir liefern einen Zwischenstand, wie weit die Automatisierung mithilfe von KI im Bereich SAP-Rollenmanagement inzwischen ist – und wo ihre Grenzen liegen.

What are plan crosswalks in the Affordable Care Act Marketplace? Find out what this means for your clients and how agents can help in the process.    Read the text version    Register with Ritter: https://app.ritterim.com/public/registration/   Contact the Agent Survival Guide Podcast! Email us ASGPodcast@Ritterim.com or call 1-717-562-7211 and leave a voicemail.   Resources: Everything Agents Need to Know About Selling in Sate-Based Marketplaces: https://ritterim.com/blog/everything-agents-need-to-know-about-selling-in-state-based-marketplaces/   Everything You Need to Know About the ACA OEP: https://ritterim.com/blog/everything-you-need-to-know-about-the-aca-oep/    FAQs About Selling On-Exchange & Off-Exchange Under-65 Plans: https://ritterim.com/blog/faqs-about-selling-on-exchange-off-exchange-under-65-plans/ How to Help Clients Navigate ACA Marketplace Subsidies & Taxes: https://lnk.to/qzlRwV Knight School: https://ritterim.com/knight-school/ Steps to Get Ready for OEP: Federal Exchange States & State-Based Exchanges: https://lnk.to/SyqM9T The Ritter Blog: https://ritterim.com/blog/ Meet Your Sales Team: https://ritterim.com/meet-your-sales-team/  Under-65 Health: https://ritterim.com/products/under-65/ What the Inflation Reduction Act Means for Your Medicare & ACA Clients: https://ritterim.com/blog/what-the-inflation-reduction-act-means-for-your-medicare-aca-clients/   References: “2025 Marketplace Integrity and Affordability Proposed Rule.” CMS.Gov, Centers for Medicare & Medicaid Services, https://www.cms.gov/newsroom/fact-sheets/2025-marketplace-integrity-and-affordability-proposed-rule. Accessed 10 Apr. 2025. “ECFR :: 45 CFR 164.512 -- Uses and Disclosures for Which an Authorization or Opportunity to Agree or Object Is Not Required.” Code of Federal Regulations, https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-B/part-155/subpart-D/section-155.335. Accessed 8 Apr. 2025. “Low Cost Marketplace Health Care, Qualifying Income Levels.” HealthCare.Gov, https://www.healthcare.gov/lower-costs/. Accessed 8 Apr. 2025.   Follow Us on Social!  Ritter on Facebook, https://www.facebook.com/RitterIM Instagram, https://www.instagram.com/ritter.insurance.marketing/ LinkedIn, https://www.linkedin.com/company/ritter-insurance-marketing TikTok, https://www.tiktok.com/@ritterim X, https://x.com/RitterIM and YouTube, https://www.youtube.com/user/RitterInsurance     Sarah on LinkedIn, https://www.linkedin.com/in/sjrueppel/ Instagram, https://www.instagram.com/thesarahjrueppel/ and Threads, https://www.threads.net/@thesarahjrueppel  Tina on LinkedIn, https://www.linkedin.com/in/tina-lamoreux-6384b7199/   Not affiliated with or endorsed by Medicare or any government agency.

Send us a textWe'll tell you the story of con artists who preyed on the elderly with home remodeling scams. One was  brazen enough to outright tell the homeowner what needed to be done and begin work.

Emre Baran, CEO and co-founder of Cerbos, and Alex Olivier, CPO and co-founder, join SE Radio host Priyanka Raghavan to explore “stateless decoupled authorization frameworks. The discussion begins with an introduction to key terms, including authorization, authorization models, and decoupled frameworks. They dive into the challenges of building decoupled authorization, as well as the benefits of this approach and the operational hurdles. The conversation shifts to Cerbos, an open-source policy-based access control framework, comparing it with OPA (Open Policy Agent). They also delve into Cerbos's technical workings, including specification definitions, GitOps integration, examples of usage, and deployment strategies. The episode concludes with insights into potential trends in the authorization space. This episode is sponsored by Penn Carey Law school

Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

Today's guests, David Soria Parra and Justin Spahr-Summers, are the creators of Anthropic's Model Context Protocol (MCP). When we first wrote Why MCP Won, we had no idea how quickly it was about to win. In the past 4 weeks, OpenAI and now Google have now announced the MCP support, effectively confirming our prediction that MCP was the presumptive winner of the agent standard wars. MCP has now overtaken OpenAPI, the incumbent option and most direct alternative, in GitHub stars (3 months ahead of conservative trendline): For protocol and history nerds, we also asked David and Justin to tell the origin story of MCP, which we leave to the reader to enjoy (you can also skim the transcripts, or, the changelogs of a certain favored IDE). It's incredible the impact that individual engineers solving their own problems can have on an entire industry. Timestamps 00:00 Introduction and Guest Welcome 00:37 What is MCP? 02:00 The Origin Story of MCP 05:18 Development Challenges and Solutions 08:06 Technical Details and Inspirations 29:45 MCP vs Open API 32:48 Building MCP Servers 40:39 Exploring Model Independence in LLMs 41:36 Building Richer Systems with MCP 43:13 Understanding Agents in MCP 45:45 Nesting and Tool Confusion in MCP 49:11 Client Control and Tool Invocation 52:08 Authorization and Trust in MCP Servers 01:01:34 Future Roadmap and Stateless Servers 01:10:07 Open Source Governance and Community Involvement 01:18:12 Wishlist and Closing Remarks

On today's episode, we have Chris McCabe, founder and CEO of Ecommercechris.com has saved more Amazon brands from the seedier side of working with Amazon than anybody I know.  Today we dive into the world of resellers on Amazon and discuss the recent changes.  Chris shared valuable insights including what resellers should do to save their Amazon business.   Tune in to learn more and be up to date!   In This Episode: [00:15] Introducing Chris McCabe [02:50] Resellers must know. [06:25] Letter of Authorization [09:15] First sale doctrine [12:35] Amazon's motivation for LOA [16:40] Replenishing inventories   Guest Links and References: Website: https://www.ecommercechris.com/ Instagram: https://www.instagram.com/amznchris/ Linkedin profile: https://www.linkedin.com/in/chris-mccabe-2646555/ Youtube channel: https://www.youtube.com/@ecommerceChris Email: chris@ecommercechris.comLinks and References: Wizards of Amazon:  https://www.wizardsofecom.com/ Wizards of Amazon Courses:  www.wizardsofecom.com/academy Wizards of Amazon Meetup:  https://www.meetup.com/South-Florida-FBA/ Wizards of Amazon on Facebook:  https://www.facebook.com/groups/WizardsofAmazon/ Wizards of Amazon on Instagram:  https://www.instagram.com/wizardsofecom/

Episode SummaryIn this episode of The Secure Developer, host Danny Allan sits down with Alex Salazar, founder and CEO of Arcade, to discuss the evolving landscape of authentication and authorization in an AI-driven world. Alex shares insights on the shift from traditional front-door security to back-end agent interactions, the challenges of securing AI-driven agents, and the role of identity in modern security frameworks. The conversation delves into the future of AI, agentic workflows, and how organizations can navigate authentication, authorization, and security in this new era.Show NotesDanny Allan welcomes Alex Salazar, an experienced security leader and CEO of Arcade, to explore the transformation of authentication and authorization in AI-powered environments. Drawing from his experience at Okta, Stormpath, and venture capital, Alex provides a unique perspective on securing interactions between AI agents and authenticated services.Key topics discussed include:The Evolution of Authentication & Authorization: Traditional models focused on front-door access (user logins, SSO), whereas AI-driven agents require secure back-end interactions.Agentic AI and Security Risks: How AI agents interact with services on behalf of users, and why identity becomes the new perimeter in security.OAuth and Identity Challenges: Adapting OAuth for AI agents, ensuring least-privilege access, and maintaining security compliance.AI Hallucinations & Risk Management: Strategies for mitigating LLM hallucinations, ensuring accuracy, and maintaining human oversight.The Future of AI & Agentic Workflows: Predictions on how AI will continue to evolve, the rise of specialized AI models, and the intersection of AI and physical automation.Alex and Danny also discuss the broader impact of AI on developer productivity, with insights into how companies can leverage AI responsibly to boost efficiency without compromising security.LinksArcade.dev - Make AI Actually Do ThingsOkta - IdentityOAuth - Authorization ProtocolLangChain - Applications that Can ReasonHugging Face - The AI Community Building the FutureSnyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

The EU aims to partially enforce ETIAS in April 2027, while the system would become fully mandatory in October.View the full article here.Subscribe to the IMI Daily newsletter here.

Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw https://www.runzero.com/blog/next-js/ Microsoft Trust Signing Service Abused Attackers abut the Microsoft Trust Signing Service, a service meant to help developers create signed software, to obtain short lived signatures for malware. https://www.bleepingcomputer.com/news/security/microsoft-trust-signing-service-abused-to-code-sign-malware/

Before applying, it's crucial to understand if you're eligible for an Employment Authorization Document, or more commonly referred to as an EAD. Generally, individuals eligible to apply include those with pending asylum applications, DACA recipients, and certain students, spouses of certain workers, among others. Each category has specific criteria, so be sure to verify your eligibility before proceeding.   

Environmental concerns are rising over the Interstate Bridge Replacement Project. Neighbors for a Better Crossing is urging the public to comment on its potential harm to marine life before the April 14 deadline. Read more at https://www.clarkcountytoday.com/news/ibr-program-requests-nmfs-authorization-to-potentially-harm-harass-columbia-river-marine-life-over-five-year-period/ on www.ClarkCountyToday.com #localnews #ClarkCountyWa #IBR #ColumbiaRiver #MarineMammals

In this episode, you'll learn how to protect your business from costly mistakes in I-9 compliance and ICE audits. Discover how to stay ahead with proactive audits, avoid common pitfalls, and handle ICE visits with confidence. Whether you're hiring your first employee or managing a growing team, this episode gives you the tools to stay compliant and safeguard your business..Link:https://www.uscis.gov/i-9-central/form-i-9-resources/handbook-for-employers-m-274 InvitationUse the link below to learn more and become an Idomeneo insider. You'll get info to help you unleash your team's engagement, protect your people investment, and grow your leadership muscle.  I can't wait to continue the conversation.https://idomeneoinc.com/welcome/

On today's episode, we have Chris McCabe, founder and CEO of Ecommercechris.com has saved more Amazon brands from the seedier side of working with Amazon than anybody I know. Today we dive into the world of resellers on Amazon and discuss the recent changes.  Chris shared valuable insights including what resellers should do to save their Amazon business.   Tune in to learn more and be up to date!   In This Episode: [00:15] Introducing Chris McCabe [02:50] Resellers must know. [06:25] Letter of Authorization [09:15] First sale doctrine [12:35] Amazon's motivation for LOA [16:40] Replenishing inventories   Guest Links and References: Website: https://www.ecommercechris.com/ Instagram: https://www.instagram.com/amznchris/ Linkedin profile: https://www.linkedin.com/in/chris-mccabe-2646555/ Youtube channel: https://www.youtube.com/@ecommerceChris Email: chris@ecommercechris.com Links and References: Wizards of Amazon:  https://www.wizardsofecom.com/  Wizards of Amazon Courses:  www.wizardsofecom.com/academy Wizards of Amazon Meetup:  https://www.meetup.com/South-Florida-FBA/ Wizards of Amazon on Facebook:  https://www.facebook.com/groups/WizardsofAmazon/ Wizards of Amazon on Instagram:  https://www.instagram.com/wizardsofecom/  

AUTHORITY Luke 7:1-10 March 2, 2025 1. AUTHOR OF AUTHORITY: Luke 7:7-8 (NASB) Authority: - Official, Legal Right to Rule. - Freedom Of Choice. - It's An Authorization to Make Decisions Within A Particular Jurisdiction Name Genesis 1:26 (NKJV) "Let Us make man in Our image," "Elohim" Nature 2. RECEIPINTENTS OF AUTHORITY: Genesis 1:28 (NKJV) Dominion- “To Tread Upon” Genesis 2:19 "...whatever the man called each living creature, that was its name." 3. ENEMY OF AUTHORITY: Genesis 3:4-5 4. POWER OF AUHTORITY Luke 10:19 (NLT) "I have given you authority over all the power of the enemy," "exousa" +++++++ You can find our service times on our website: https://www.anctally.com/ You can find sermon highlights on Twitter here: https://x.com/allnationstally

An OWCP  traumatic injury is defined as: “A wound or other condition of the body caused by external force, including stress or strain, which is identifiable as to the time and place of occurrence and member or function of the body affected. The injury must be caused by a specific event or incident or series of events or incidents within a single work day or work shift.”Notifying your supervisor and filing a claim & Immediately notify your supervisor of your injury and your intent to file a claim using ECOMP. Request your supervisor's Postal Service email address to use in registering in ECOMP. Once you have registered in ECOMP, go to the top of your dashboard and click New Claim. Follow the directions for filing a CA-1 claim for traumatic injury. If you are filing the claim within one week of the injury, request form CA-16, Authorization for Examination and/or Treatment (must be supplied by your manager within 4 hour. Request a Form CA-17 Duty Status Report from your supervisor. The Postal Service is responsible for filling out the job requirements on the left (side A) of the CA-17. Once your doctor has completed the CA-17, make a copy or take a picture of the completed CA-17 and give the original to your supervisor. Your doctor should provide you with their report so you can send medical reports directly to OWCP.  You can  upload medical reports into your claim file via ECOMP. When the occupational & safety personnel ask you for your records you are required to provide them with your return to work CA forms CA-17 or CA-5C. Your medical reports are protected by the Privacy Act and should be sent directly to OWCP, not the Postal Service. Never give your private health information medical reports to an agency employee that is protected by federal law. For more information read the show transcript and listen to the podcast. The podcast Dr. Taylor's contact information is:https://fedcompconsultants@protonmail.com If you need a medical provider or assistance with an OWCP /  DOL claim in Tampa, Pensacola Florida or Mobile Alabama    you can make an appointment to see Dr. Taylor, or Dr. Sullivan   at the clinic at  FWC Medical Centers. To make a consultation with Dr. Taylor  call the clinic at 813-215-4356 or go  to our website at https://mrtherapycenter.com/or https://fedcompconsultants.com/For responses please  email Dr. Taylor at fedcompconsultants@protonmail.comFor responses email Dr. Taylor at fedcompconsultants@protonmail.comFEEDSPOT TOP 10 National Workers Compensation Podcast: https://podcast.feedspot.com/workers_compensation_podcasts/?feedid=5557942&_src=f2_featured_email

In this episode, Sam Munda, Managing Director for Kenya and VP of Africa at Travisory, delves into the evolving landscape of Africa's border security and digital travel solutions. With over 30 years of experience in aviation ICT and transport security, Sam shares insights on seamless border management, visa accessibility, and the future of hassle-free travel across the continent. Sam Munda joined Travizory in 2020 and is the Managing Director for the Kenya Office. He leads the company's commercial strategy across Africa, supporting governments in digitizing borders to enhance security, efficiency, and traveler experience. His work also enables real-time data access for better decision-making. With over 30 years of experience in ICT, aviation, and transport security, Sam has held leadership roles in Africa with a major global aviation ICT provider. He is an Electronics Engineer, having graduated from ENAC (École Nationale de l'Aviation Civile) in Toulouse, France, and holds an MBA from the University of South Africa (UNISA).

Picking up from Part 1, hosts Lois Houston and Nikita Abraham continue their deep dive into MySQL security with MySQL Solution Engineer Ravish Patel. In this episode, they focus on user authentication techniques and tools such as MySQL Enterprise Audit and MySQL Enterprise Firewall.   MySQL 8.4 Essentials: https://mylearn.oracle.com/ou/course/mysql-84-essentials/141332/226362 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   --------------------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative  podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead of Editorial Services with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi everyone! Last week, we began exploring MySQL security, covering regulatory compliance and common security threats.  Nikita: This week, we're continuing the conversation by digging deeper into MySQL's user authentication methods and taking a closer look at some powerful security tools in the MySQL Enterprise suite. 00:57 Lois: And we're joined once again by Ravish Patel, a MySQL Solution Engineer here at Oracle. Welcome, Ravish! How does user authentication work in MySQL? Ravish: MySQL authenticates users by storing account details in a system database. These accounts are authenticated with three elements, username and hostname commonly separated with an @ sign along with a password.  The account identifier has the username and host. The host identifier specifies where the user connects from. It specifies either a DNS hostname or an IP address. You can use a wild card as part of the hostname or IP address if you want to allow this username to connect from a range of hosts. If the host value is just the percent sign wildcard, then that username can connect from any host. Similarly, if you create the user account with an empty host, then the user can connect from any host.  01:55 Lois: Ravish, can MySQL Enterprise Edition integrate with an organization's existing accounts?  Ravish: MySQL Enterprise authentication integrates with existing authentication mechanisms in your infrastructure. This enables centralized account management, policies, and authentication based on group membership and assigned corporate roles, and MySQL supports a wide range of authentication plugins. If your organization uses Linux, you might already be familiar with PAM, also known as Pluggable Authentication Module. This is a standard interface in Linux and can be used to authenticate to MySQL. Kerberos is another widely used standard for granting authorization using a centralized service. The FIDO Alliance, short for Fast Identify Online, promotes an interface for passwordless authentication. This includes methods for authenticating with biometrics RUSB security tokens. And MySQL even supports logging into centralized authentication services that use LDAP, including having a dedicated plugin to connect to Windows domains. 03:05 Nikita: So, once users are authenticated, how does MySQL handle user authorization? Ravish: The MySQL privilege system uses the GRANT keyword. This grants some privilege X on some object Y to some user Z, and optionally gives you permission to grant the same privilege to others. These can be global administrative privileges that enable users to perform tasks at the server level, or they can be database-specific privileges that allow users to modify the structure or data within a database. 03:39 Lois: What about database privileges? Ravish: Database privileges can be fine-grained from the largest to the smallest. At the database level, you can permit users to create, alter, and delete whole databases. The same privileges apply at the table, view, index, and stored procedure levels. And in addition, you can control who can execute stored procedures and whether they do so with their own identity or with the privileges of the procedure's owner. For tables, you can control who can select, insert, update, and delete rows in those tables. You can even specify the column level, who can select, insert, and update data in those columns. Now, any privileged system carries with it the risk that you might forget an important password and lock yourself out. In MySQL, if you forget the password to the root account and don't have any other admin-level accounts, you will not be able to administer the MySQL server. 04:39 Nikita: Is there a way around this? Ravish: There is a way around this as long as you have physical access to the server that runs the MySQL process. If you launch the MySQL process with the --skip grant tables option, then MySQL will not load the privilege tables from the system database when it starts. This is clearly a dangerous thing to do, so MySQL also implicitly disables network access when you use that option to prevent users from connecting over the network. When you use this option, any client connection to MySQL succeeds and has root privileges. This means you should control who has shell access to the server during this time and you should restart the server or enable privileged system with the command flush privileges as soon as you have changed the root password. The privileges we have already discussed are built into MySQL and are always available. MySQL also makes use of dynamic privileges, which are privileges that are enabled at runtime and which can be granted once they are enabled.  In addition, plugins and components can define privileges that relate to features of those plugins. For example, the enterprise firewall plugin defines the firewall admin privilege and the audit admin privilege is defined by the enterprise audit plugin.  06:04 Are you working towards an Oracle Certification this year? Join us at one of our certification prep live events in the Oracle University Learning Community. Get insider tips from seasoned experts and learn from others who have already taken their certifications. Go to community.oracle.com/ou to jump-start your journey towards certification today! 06:28 Nikita: Welcome back! Ravish, I want to move on to MySQL Enterprise security tools. Could you start with MySQL Enterprise Audit? Ravish: MySQL Enterprise Audit is an extension available in Enterprise Edition that makes it easier to comply with regulations that require observability and control over who does what in your database servers. It provides visibility of connections, authentication, and individual operations. This is a necessary part of compliance with various regulations, including GDPR, NIS2, HIPAA, and so on. You can control who has access to the audited events so that the audits themselves are protected. As well as configuring what you audit, you can also configure rotation policies so that unmonitored audit logs don't fill up your storage space. The configuration can be performed while the server is running with minimal effect on production applications. You don't need to restart the server to enable or disable auditing or to change the filtering options. You can output the audit logs in either XML or JSON format, depending on how you want to perform further searching and processing. If you need it, you can compress the logs to save space and you can encrypt the logs to provide address protection of audited identities and data modifications. The extension is available either as a component or if you prefer, as the legacy plugin. 07:53 Lois: But how does it all work? Ravish: Well, first, as a DBA, you'll enable the audit plugin and attach it to your running server. You can then configure filters to audit your connections and queries and record who does what, when they do it, and so on. Then once the system is up and running, it audits whenever a user authenticates, accesses data, or even when they perform schema changes. The logs are recorded in whatever format that you have configured. You can then monitor the audited events at will with MySQL tools such as Workbench or with any software that can view and manipulate XML or JSON files. You can even configure Enterprise Audit to export the logs to an external Audit Vault, enabling collection, and archiving of audit information from all over your enterprise. In general, you won't audit every action on every server. You can configure filters to control what specific information ends up in the logs. 08:50 Nikita: Why is this sort of filtering necessary, Ravish? Ravish: As a DBA, this enables you to create a custom designed audit process to monitor things that you're really interested in. Rules can be general or very fine grained, which enables you to reduce the overall log size, reduces the performance impact on the database server and underlying storage, makes it easier to process the log file once you've gathered data, and filters are configured with the easily used JSON file format. 09:18 Nikita: So what information is audited? Ravish: You can see who did what, when they did it, what commands they use, and whether they succeeded. You can also see where they connected from, which can be useful when identifying man in the middle attacks or stolen credentials. The log also records any available client information, including software versions and information about the operating system and much more. 09:42 Lois: Can you tell us about MySQL Enterprise Firewall, which I understand is a specific tool to learn and protect the SQL statements that MySQL executes? Ravish: MySQL Enterprise Firewall can be enabled on MySQL Enterprise Edition with a plugin. It uses an allow list to set policies for acceptable queries. You can apply this allow list to either specific accounts or groups. Queries are protected in real time. Every query that executes is verified per server and checked to make sure that it conforms to query structures that are defined in the allow list. This makes it very useful to block SQL injection attacks. Only transactions that match well-formed queries in the allow list are permitted. So any attempt to inject other types of SQL statements are blocked. Not only does it block such statements, but it also sends an alert to the MySQL error log in real time. This gives you visibility on any security gaps in your applications. The Enterprise Firewall has a learning mode during which you can train the firewall to identify the correct sort of query. This makes it easy to create the allow list based on a known good workload that you can create during development before your application goes live. 10:59 Lois: Does MySQL Enterprise Firewall operate seamlessly and transparently with applications? Ravish: Your application simply submits queries as normal and the firewall monitors incoming queries with no application changes required. When you use the Enterprise Firewall, you don't need to change your application. It can submit statements as normal to the MySQL server. This adds an extra layer of protection in your applications without requiring any additional application code so that you can protect against malicious SQL injection attacks. This not only applies to your application, but also to any client that configured user runs. 11:37 Nikita: How does this firewall system work?  Ravish: When the application submits a SQL statement, the firewall verifies that the statement is in a form that matches the policy defined in the allow list before it passes to the server for execution.  It blocks any statement that is in a form that's outside of policy.  In many cases, a badly formed query can only be executed if there is some bug in the application's data validation. You can use the firewall's detection and alerting features to let when it blocks such a query, which will help you quickly detect such bugs, even when the firewall continues to block the malicious queries. 12:14 Lois: Can you take us through some of the encryption and masking features available in MySQL Enterprise Edition?  Ravish: Transparent data encryption is a great way to protect against physical security disclosure. If someone gains access to the database files on the file system through a vulnerability of the operating system, or even if you've had a laptop stolen, your data will still be protected. This is called Data at Rest Encryption. It protects not only the data rows in tablespaces, but also other locations that store some version of the data, such as undo logs, redo logs, binary logs and relay logs. It is a strong encryption using the AES 256 algorithm. Once we enable transparent data encryption, it is, of course, transparent to the client software, applications, and users. Applications continue to submit SQL statements, and the encryption and decryptions happen in flight. The application code does not need to change. All data types, table structure, and database names remain the same. It's even transparent to the DBAs. The same data types, table structure, and so on is still how the DBA interacts with the system while creating indexes, views, and procedures. In fact, DBAs don't even need to be in possession of any encryption keys to perform their admin tasks. It is entirely transparent. 13:32 Nikita: What kind of management is required for encryption? Ravish: There is, of course, some key management required at the outside. You must keep the keys safe and put policies in place so that you store and rotate keys effectively, and ensure that you can recover those keys in the event of some disaster. This key management integrates with common standards, including KMIP and KMS. 13:53 Lois: Before we close, I want to ask you about the role of data masking in MySQL. Ravish: Data masking is when we replace some part of the private information with a placeholder. You can mask portions of a string based on the string position using the letter X or some other character. You can also create a table that contains a dictionary of suitable replacement words and use that dictionary to mask values in your data. There are specific functions that work with known formats of data, for example, social security numbers as used in the United States, national insurance numbers from the United Kingdom, and Canadian social insurance numbers. You can also mask various account numbers, such as primary account numbers like credit cards or IBAN numbers as used in the European Bank system. There are also functions to generate random values, which can be useful in test databases. This might be a random number within some range, or an email address, or a compliant credit card number, or social security number. You can also create random information using the dictionary table that contains suitable example values. 14:58 Nikita: Thank you, Ravish, for taking us through MySQL security. We really cannot overstate the importance of this, especially in today's data-driven world.  Lois: That's right, Niki. Cyber threats are increasingly sophisticated these days. You really have to be on your toes when it comes to security. If you're interested in learning more about this, the MySQL 8.4 Essentials course on mylearn.oracle.com is a great next step.  Nikita: We'd also love to hear your thoughts on our podcast so please feel free to share your comments, suggestions, or questions by emailing us at ou-podcast_ww@oracle.com. That's ou-podcast_ww@oracle.com. In our next episode, we'll journey into the world of MySQL backups. Until then, this is Nikita Abraham… Nikita: And Lois Houston, signing off! 15:51 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Comprehensive coverage of the day's news with a focus on war and peace; social, environmental and economic justice. Trump's Mexico tariffs delayed for a month, president says Americans may “feel some pain” from tariffs Trump/Musk shutdown of US foreign aid agency USAID sparks chaos, Democrats call it illegal power grab “A Day Without an Immigrant” demonstrations draw tens of thousands across country in protest of Trump immigration policies Major hospitals in several states cutting transgender care for youths under Trump funding threat University of California health, research, technical workers voting on strike authorization, citing staffing crisis at medical centers Rebels declare ceasefire in Congo fighting, as 1 in 4 people face acute hunger The post Trump shuts US foreign aid agency; UC workers voting on strike authorization, citing staffing crisis – February 3, 2025 appeared first on KPFA.

Security takes center stage in this episode as Lois Houston and Nikita Abraham are joined by MySQL Solution Engineer Ravish Patel. Together, they explore MySQL's security features, addressing key topics like regulatory compliance.   Ravish also shares insights on protecting data through encryption, activity monitoring, and access control to guard against threats like SQL injection and malware.   MySQL 8.4 Essentials: https://mylearn.oracle.com/ou/course/mysql-84-essentials/141332/226362 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   ---------------------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative  podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me today is Nikita Abraham, Team Lead of Editorial Services. Nikita: Hey everyone! In our last episode, we took a look at MySQL database design. Today is the first of a two-part episode on MySQL security.  Lois: In Part 1, we'll discuss how MySQL supports regulatory compliance and how to spot and handle common security risks.  00:55 Nikita: Joining us today is Ravish Patel, a MySQL Solution Engineer at Oracle. Hi Ravish! Let's start by talking about how MySQL supports regulatory compliance. 01:06 Ravish: Some of the most important international regulations that we have surrounding data and organizations include the GDPR, HIPAA, Sarbanes-Oxley, the UK Data Protection Act, and the NIS2. Although each regulatory framework differs in the details, in general, you must be able to comply with certain key requirements and all of which are enabled by MySQL. First, you must be able to monitor user activity on the system, which includes keeping track of when new users are created, when the schema changes, and when backups are taken and used. You must protect data, for example, by ensuring that databases that are stored on disk are encrypted at REST and ensuring that only authorized users have privileges to access and modify the data. You must have the appropriate retention policies in place for your data, ensuring that backups are held securely and used only for the purpose intended. You must be able to audit access to the data so that you can trace which users gained access to records or when they were modified. All of these facilities are available in MySQL, either as part of the core community edition features or made available through enterprise features. 02:21 Lois: What kind of risks might we encounter, Ravish, and how can we address them? Ravish: As your system grows in complexity, you're likely going to have more risks associated with it. Some of those risks are associated with the human factors that come with any computer system. These might be errors that are introduced when people perform work on the system, either administrative work on the environment or database or work that developers and testers perform when working on a changing system. You might even have malicious users trying to exploit the system or good faith users or support staff who make changes without proper consideration or protection from knock-on effects. At the foundation are the necessary components of the system, each of which might be vulnerable to human error or malicious actors. Every piece of the system exposes possible risks, whether that's the application presented to users, the underlying database, the operating system or network that it works on, or processes such as backups that place copies of your data in other locations. More complex environments add more risks. High availability architectures multiply the number of active systems. Consolidating multiple application databases on a single server exposes every database to multiple vectors for bugs and human error. Older, less well supported applications might give more challenges for maintenance. Engaging external contractors might reduce your control over authorized users. And working in the cloud can increase your network footprint and your reliance on external vendors.  03:53 Nikita: What are risks that specifically impact the database? Ravish: The database server configuration might not be optimal. And this can be changed by users with proper access. To mitigate this risk, you might enable version control of the configuration files and ensure that only certain users are authorized. Application and administrator accounts might have more data privileges than required, which adds risk of human error or malicious behavior. To mitigate this, you should ensure that users are only granted necessary permissions. In particular, structural modifications and administrative tasks might be more widely accessible than desired. Not every developer needs full administrative rights on a database. And certainly, an application should not have such privileges. You should limit administrative privileges only to those users who need that authorization. 04:45 Nikita: Okay, quick question, Ravish. How do authentication and password security fit into this picture? Ravish: Authentication is often a weak point. And password security is one of the most common issues in large applications. Ensure that you have strong password policies in place. And consider using authentication mechanisms that don't solely rely on passwords, such as pass-through authentication or multifactor authentication. 05:11 Lois: So, it sounds like auditing operations are a critical part of this process, right? Ravish: When something bad happens, you can only repair it or learn from it if you know exactly what has happened and how. You should ensure that you audit key operations so you can recover from error or malicious actions. If a developer laptop is lost or stolen or someone gains access to an underlying operating system, then your data might become vulnerable. You can mitigate this by encrypting your data in place.  This also applies to backups and, where possible, securing the connection between your application and the database to encrypt data in flight. 05:54 Did you know that Oracle University offers free courses on Oracle Cloud Infrastructure? You'll find training on everything from multicloud, database, networking, and security to artificial intelligence and machine learning, all free for our subscribers. So, what are you waiting for? Pick a topic, head over to mylearn.oracle.com and get started. 06:18 Nikita: Welcome back! Before the break, we touched on the importance of auditing. Now, Ravish, what role does encryption play in securing these operations? Ravish: Encryption is only useful if the keys are secure. Make sure to keep your encryption assets secure, perhaps by using a key vault. Every backup that you take contains a copy of your data. If these backups are not kept securely, then you are at risk, just as if your database wasn't secure. So keep your backups encrypted. 06:47 Lois: From what we've covered so far, it's clear that monitoring is essential for database security. Is that right? Ravish: Without monitoring, you can't track what happens on an ongoing basis. For example, you will not be aware of a denial-of-service attack until the application slows down or becomes unavailable. If you implement monitoring, you can identify a compromised user account or unusual query traffic as it happens. A poorly coded application might enable queries that do more than they should. A database firewall can be configured to permit only queries that conform to a specific pattern. 07:24 Nikita: There are so many potential types of attacks out there, right? Could you tell us about some specific ones, like SQL injection and buffer overflow attacks? Ravish: A SQL injection attack is a particular form of attack that modifies a SQL command to inject a different command to the one that was intended by the developer. You can configure an allow list in a database firewall to block such queries and perform a comprehensive input validation inside the application so that such queries cannot be inserted. A buffer overflow attack attempts to input more data than can fit in the appropriate memory location. These are usually possible when there is an unpatched bug in the application or even in the database or operating system software. Validation and the database firewall can catch this sort of attack before it even hits the database. And frequent patching of the platforms can mitigate risks that come from unpatched bugs. Malicious acts from inside the organization might also be possible. So good access control and authorization can prevent this. And monitoring and auditing can detect it if it occurs. 08:33 Lois: What about brute force attacks? How do they work? Ravish: A brute force attack is when someone tries passwords repeatedly until they find the correct one. MySQL can lock out an account if there have been too many incorrect attempts. Someone who has access to the physical network on which the application and database communicate can monitor or eavesdrop that network. However, if you encrypt the communications in flight, perhaps by using TLS or SSL connections, then that communication cannot be monitored. 09:04 Nikita: How do the more common threats like malware, Trojan horses, and ransomware impact database security? Ravish: Malware, ransomware, and Trojan horses can be a problem if they get to the server platforms or if client systems are compromised and have too much permissions. If the account that is compromised has only limited access and if the database is encrypted in place, then you can minimize the risks associated even if such an event occurs. There are also several risks directly associated with people who want to do the harm. So it's vital to protect personal information from any kind of disclosure, particularly sensitive information, such as credit card numbers. Encryption and access control can protect against this. 09:49 Lois: And then there are denial-of-service and spoofing attacks as well, right? How can we prevent those? Ravish: A denial-of-service attack prevents users from accessing the system. You can prevent any single user from performing too many queries by setting resource users limits. And you can limit the total number of connections as well. Sometimes, a user might gain access to a privileged level that is not appropriate. Password protection, multifactor authentication, and proper access control will protect against this. And auditing will help you discover if it has occurred. A spoofing attack is when an attacker intercepts and uses information to authenticate a user. This can be mitigated with strong access control and password policies. An attacker might attempt to modify or delete data or even auditing information. Again, this can be mitigated with tighter access controls and caught with monitoring and auditing. If the attack is successful, you can recover from it easily if you have a strong backup strategy in place. 10:50 Nikita: Ravish, are there any overarching best practices for keeping a database secure? Ravish: The MySQL installation itself should be kept up-to-date. This is the easiest if you install from a package manager on Windows or Linux. Your authentication systems should be kept strong with password policies or additional authentication systems that supplement or replace passwords entirely. Authorization should be kept tightly controlled by minimizing the number of active accounts and ensuring that those accounts have only the minimal privileges. You should control and monitor changes on the system. You can limit such changes with the database firewall and with tight access controls and observe changes with monitoring, auditing, and logging. Data encryption is also necessary to protect data from disclosure. MySQL supports encryption in place with Transparent Data Encryption, also known as TDE, and a variety of encryption functions and features. And you can encrypt data in flight with SSL or TLS. And of course, it's not just about the database itself but how it's used in the wider enterprise. You should ensure that replicas are secure and that your disaster recovery procedures do not open up to additional risks. And keep your backups encrypted. 12:06 Lois: Is there anything else we should keep in mind as part of these best practices? Ravish: The database environment is also worth paying attention to. The operating system and network should be as secure as you can keep them.  You should keep your platform software patched so that you are protected from known exploits caused by bugs. If your operating system has hardening guidelines, you should always follow those. And the Center of Internet Security maintains a set of benchmarks with configuration recommendations for many products designed to protect against threats. 12:38 Nikita: And that's a wrap on Part 1! Thank you, Ravish, for guiding us through MySQL's role in ensuring compliance and telling us about the various types of attacks. If you want to dive deeper into these topics, head over to mylearn.oracle.com to explore the MySQL 8.4 Essentials course. Lois: In our next episode, we'll continue to explore how user authentication works in MySQL and look at a few interesting MySQL Enterprise security tools that are available. Until then, this is Lois Houston…  Nikita: And Nikita Abraham, signing off! 13:12 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

City Council Meeting – January 21, 2025In this episode, hear the key discussions and decisions from the January 21, 2025, Redding City Council meeting. Topics include updates to public safety, infrastructure, and community development. Highlights include:Approval of additional body-worn cameras for the Redding Police Department.Updates on emergency sewer and pavement repairs along Placer Street.Progress on a new mental health and chemical dependency treatment facility and a proposed medical school in Redding.A look at the Redding Electric Utility's 2026 Strategic Plan.Approval of the Community Wildfire Protection Plan to improve wildfire preparedness.Authorization to apply for grants to fund transportation and infrastructure projects, including the South Bonnyview Diverging Diamond Interchange.Updates to zoning ordinances for adult businesses in Redding.Stay informed about the latest decisions shaping our city!Meeting Agenda >>Watch the Council meeting online >>Contact the City of Redding Podcast Team Email us at podcast@cityofredding.org Connect with us on Facebook, Twitter and Instagram Visit the City of Redding website Love the podcast? The best way to spread the word is to rate and review!

This episode is sponsored by Andromeda Security. Learn more at https://www.andromedasecurity.com/idac⁠ Join Jeff and Jim on the Identity at the Center podcast as they chat with Ashish Shah, co-founder and Chief Product Officer of Andromeda Security. In this sponsored episode, Ashish dives deep into the importance of solving identity security problems, especially in cloud and SaaS environments. He explains how Andromeda's AI-powered platform focuses on both human and non-human identities, offering use case-driven solutions for security maturity. The discussion covers challenges, AI and machine learning applications, and practical insights into permissions management, risk scoring, just-in-time access, and more. Stay tuned for interesting takes on identity security and some fun recommendations for your reading/listening list. Chapters 00:00 Introduction to Identity as a Data Problem 00:41 Overview of Andromeda's Capabilities 01:27 Welcome to the Identity at the Center Podcast 02:03 Meet Ashish Shah, Co-Founder of Andromeda 02:37 The Genesis of Andromeda 03:33 Addressing Identity Security Challenges 05:29 Andromeda's Approach to Identity Security 09:44 Measuring Success with Andromeda 12:21 Andromeda's Market Position and Ideal Customers 18:35 The Rise of Non-Human Identities 28:42 Understanding Identity and Accounts in AWS 28:54 The Concept of Incarnations in Identity Management 29:42 Human and Non-Human Identities 32:13 Challenges in Authorization and Access Control 32:44 Implementing Zero Trust and Least Privilege 35:10 Role of AI and Machine Learning in Identity Management 36:21 Risk Scoring and Behavioral Analysis 39:04 Customer Data and Model Training 41:08 Explainability and Security of AI Models 46:14 Customer Influence on Model Tuning 49:03 Andromeda's Offer and Final Thoughts 51:34 Book Recommendations and Closing Remarks Connect with Ashish: https://www.linkedin.com/in/ashishbshah/ Learn more about Andromeda: https://www.andromedasecurity.com/idac⁠ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords: Identity security, IAM, cybersecurity, artificial intelligence, AI, machine learning, ML, non-human identities, NHI, just-in-time access, JIT, IGA, privileged access management, PAM, identity threat detection and response, ITDR, cloud security, SaaS security, Andromeda Security, Ashish Shah, IDAC, Identity at the Center, Jim McDonald, Jeff Steadman

House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

Janet and Jasmin talk about the destructive fires in Southern California, 100 workers losing their jobs at the Tin Building after sudden employment authorization checks, and Elon Musk endorses a far-right German political party.

1UNITED STATES BANKRUPTCY COURTSOUTHERN DISTRICT OF TEXASHOUSTON DIVISIONIn re:INTRUM AB, et al.,1Debtors.Chapter 11Case No. 24-90575 (CML)(Jointly Administered)NOTICE OF APPEALPursuant to 28 U.S.C. § 158(a) and Federal Rules of Bankruptcy Procedure 8002 and 8003,notice is hereby given that the Ad Hoc Committee of holders of 2025 notes issued by Intrum AB(the “AHC”) hereby appeals to the United States District Court for the Southern District of Texasfrom (i) the Order Denying Motion of the Ad Hoc Committee of Holders of Intrum AB Notes Due2025 to Dismiss Chapter 11 Cases Pursuant to 11 U.S.C. § 1112(b) and Federal Rule ofBankruptcy Procedure 1017(f)(1) (ECF No. 262) (the “Motion to Dismiss Order”) and (ii) theOrder (I) Approving Disclosure Statement and (II) Confirming Joint Prepackaged Chapter 11Plan of Intrum AB and Its Affiliated Debtor (Further Technical Modifications) (ECF No. 263) (the“Confirmation Order”). A copy of the Motion to Dismiss Order is attached as Exhibit A and acopy of the Confirmation Order is attached as Exhibit B. Additionally, the transcript of theBankruptcy Court's oral ruling accompanying the Motion to Dismiss Order and ConfirmationOrder (ECF No. 275) is attached as Exhibit C.Below are the names of all parties to this appeal and their respective counsel:1 The Debtors in these Chapter 11 Cases are Intrum AB and Intrum AB of Texas LLC. The Debtors'service address in these Chapter 11 Cases is 801 Travis Street, Ste 2101, #1312, Houston, TX 77002.Case 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 1 of 62I. APPELLANTA. Name of Appellant:The members of the AHC include:Boundary Creek Master Fund LP; CF INT Holdings Designated Activity Company; CaiusCapital Master Fund; Diameter Master Fund LP; Diameter Dislocation Master Fund II LP; FirTree Credit Opportunity Master Fund, LP; MAP 204 Segregated Portfolio, a segregated portfolioof LMA SPC; Star V Partners LLC; and TQ Master Fund LP.Attorneys for the AHC:QUINN EMANUEL URQUHART & SULLIVAN, LLPChristopher D. Porter (SBN 24070437)Joanna D. Caytas (SBN 24127230)Melanie A. Guzman (SBN 24117175)Cameron M. Kelly (SBN 24120936)700 Louisiana Street, Suite 3900Houston, TX 77002Telephone: (713) 221-7000Facsimile: (713) 221-7100Email: chrisporter@quinnemanuel.comjoannacaytas@quinnemanuel.commelanieguzman@quinnemanuel.comcameronkelly@quinnemanuel.com-and-Benjamin I. Finestone (admitted pro hac vice)Sascha N. Rand (admitted pro hac vice)Katherine A. Scherling (admitted pro hac vice)295 5th AvenueNew York, New York 10016Telephone: (212) 849-7000Facsimile: (212) 849-7100Email: benjaminfinestone@quinnemanuel.comsascharand@quinnemanuel.comkatescherling@quinnemanuel.comB. Positions of appellant in the adversary proceeding or bankruptcy case that isthe subject of this appeal:CreditorsCase 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 2 of 63II. THE SUBJECT OF THIS APPEALA. Judgment, order, or decree appealed from:The Order Denying Motion of the Ad Hoc Committee of Holders of Intrum AB Notes Due2025 to Dismiss Chapter 11 Cases Pursuant to 11 U.S.C. § 1112(b) and Federal Rule ofBankruptcy Procedure 1017(f)(1) (ECF No. 262); the Order (I) Approving Disclosure Statementand (II) Confirming Joint Prepackaged Chapter 11 Plan of Intrum AB and Its Affiliated Debtor(Further Technical Modifications) (ECF No. 263); and the December 31, 2024 Transcript of OralRuling Before the Honorable Christopher M. Lopez United States Bankruptcy Court Judge (ECFNo. 275).B. The date on which the judgment, order, or decree was entered:The Motion to Dismiss Order and the Confirmation Order were entered on December 31,2024. The Court issued its oral ruling accompanying the Motion to Dismiss Order and theConfirmation Order on December 31, 2024.III. OTHER PARTIES TO THIS APPEALIntrum AB and Intrum AB of Texas LLCMILBANK LLPDennis F. Dunne (admitted pro hac vice)Jaimie Fedell (admitted pro hac vice)55 Hudson YardsNew York, NY 10001Telephone: (212) 530-5000Facsimile: (212) 530-5219Email: ddunne@milbank.comjfedell@milbank.com–and–Andrew M. Leblanc (admitted pro hac vice)Melanie Westover Yanez (admitted pro hac vice)1850 K Street, NW, Suite 1100Washington, DC 20006Telephone: (202) 835-7500Facsimile: (202) 263-7586Email: aleblanc@milbank.commwyanez@milbank.com–and–PORTER HEDGES LLPJohn F. Higgins (SBN 09597500)Case 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 3 of 64Eric D. Wade (SBN 00794802)M. Shane Johnson (SBN 24083263)1000 Main Street, 36th FloorHouston TX 77002Telephone: (713) 226-6000Facsimile: (713) 226-6248Email: jhiggins@porterhedges.comewade@porterhedges.comsjohnson@porterhedges.comIV. OTHER PARTIES THAT MAY HAVE AN INTEREST IN THIS APPEALThe following chart lists certain parties that are not parties to this appeal, but that may havean interest in the outcome of the case. These parties should be served with notice of this appealby the Debtors who are aware of their identities and best positioned to provide notice.All Other Creditors of the Debtors, Including, But Not Limited To:• Certain funds and accounts managed by BlackRock Investment Management (UK)Limited or its affiliates;• Capital Four;• Davidson Kempner European Partners, LLP;• Intermediate Capital Managers Limited;• Mandatum Asset Management Ltd;• H.I.G. Capital, LLC;• Spiltan Hograntefond; Spiltan Rantefond Sverige; and Spiltan Aktiefond Stabil;• The RCF SteerCo Group;• Swedbank AB (publ).Any Holder of Stock of the Debtors• Any holder of stock of the Debtors, including their successors and assigns.Case 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 4 of 65Respectfully submitted this 13th day of January, 2025.QUINN EMANUEL URQUHART &SULLIVAN, LLP/s/ Christopher D. PorterChristopher D. Porter (SBN 24070437)Joanna D. Caytas (SBN 24127230)Melanie A. Guzman (SBN 24117175)Cameron M. Kelly (SBN 24120936)700 Louisiana Street, Suite 3900Houston, TX 77002Telephone: (713) 221-7000Facsimile: (713) 221-7100Email: chrisporter@quinnemanuel.comjoannacaytas@quinnemanuel.commelanieguzman@quinnemanuel.comcameronkelly@quinnemanuel.com-and-Benjamin I. Finestone (admitted pro hac vice)Sascha N. Rand (admitted pro hac vice)Katherine A. Scherling (admitted pro hac vice)295 5th AvenueNew York, New York 10016Telephone: (212) 849-7000Facsimile: (212) 849-7100Email: benjaminfinestone@quinnemanuel.comsascharand@quinnemanuel.comkatescherling@quinnemanuel.comCOUNSEL FOR THE AD HOC COMMITTEE OFINTRUM AB 2025 NOTEHOLDERSCase 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 5 of 6CERTIFICATE OF SERVICEI, Christopher D. Porter, hereby certify that on the 13th day of January, 2025, a copy ofthe foregoing document has been served via the Electronic Case Filing System for the UnitedStates Bankruptcy Court for the Southern District of Texas./s/ Christopher D. PorterBy: Christopher D. PorterCase 24-90575 Document 296 Filed in TXSB on 01/13/25 Page 6 of 6EXHIBIT ACase 24-90575 Document 296-1 Filed in TXSB on 01/13/25 Page 1 of 31IN THE UNITED STATES BANKRUPTCY COURTFOR THE SOUTHERN DISTRICT OF TEXASHOUSTON DIVISION)In re: ) Chapter 11)Intrum AB, et al.,1 ) Case No. 24-90575 (CML)))Jointly AdministeredDebtors. ))ORDER DENYING MOTION OF THE AD HOCCOMMITTEE OF HOLDERS OF INTRUM AB NOTES DUE 2025TO DISMISS CHAPTER 11 CASES PURSUANT TO 11 U.S.C. § 1112(B) ANDFEDERAL RULE OF BANKRUPTCY PROCEDURE 1017(F)(1)(Related to Docket No. 27)This matter, having come before the Court upon the Motion of the Ad Hoc Committee ofHolders of Intrum AB Notes Due 2025 to Dismiss Chapter 11 Cases Pursuant to 11 U.S.C. §1112(b) and Federal Rule of Bankruptcy Procedure 1017(f)(1) [Docket No. 27] (the “Motion toDismiss”); and this Court having considered the Debtors' Objection to the Motion of the Ad HocCommittee of Holders of Intrum AB Notes Due 2025 to Dismiss Chapter 11 Cases Pursuant to 11U.S.C. § 1112(b) and Federal Rule of Bankruptcy Procedure 1017(f)(1) (the “Objection”) andany other responses or objections to the Motion to Dismiss; and this Court having jurisdiction overthis matter pursuant to 28 U.S.C. § 1334 and the Amended Standing Order; and this Court havingfound that this is a core proceeding pursuant to 28 U.S.C. § 157(b)(2); and this Court having foundthat it may enter a final order consistent with Article III of the United States Constitution; and thisCourt having found that the relief requested in the Objection is in the best interests of the Debtors'1 The Debtors in these Chapter 11 Cases are Intrum AB and Intrum AB of Texas LLC. The Debtors' serviceaddress in these Chapter 11 Cases is 801 Travis Street, STE 2101, #1312, Houston, TX 77002.United States Bankruptcy CourtSouthern District of TexasENTEREDDecember 31, 2024Nathan Ochsner, ClerkCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29662-1 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 2 o of f2 32estates; and this Court having found that the Debtors' notice of the Objection and opportunity fora hearing on the Motion to Dismiss and Objection were appropriate and no other notice need beprovided; and this Court having reviewed the Motion to Dismiss and Objection and havingheard the statements in support of the relief requested therein at a hearing before this Court; andthis Court having determined that the legal and factual bases set forth in the Objectionestablish just cause for the relief granted herein; and upon all of the proceedings had beforethis Court; and after due deliberation and sufficient cause appearing therefor, it is HEREBYORDERED THAT:1. The Motion to Dismiss is Denied for the reasons stated at the December 31, 2024 hearing.2. This Court retains exclusive jurisdiction and exclusive venue with respect to allmatters arising from or related to the implementation, interpretation, and enforcement of this Order.DAeucegmubste 0r 23,1 2, 0210294CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29662-1 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 3 o of f2 3EXHIBIT BCase 24-90575 Document 296-2 Filed in TXSB on 01/13/25 Page 1 of 135IN THE UNITED STATES BANKRUPTCY COURTFOR THE SOUTHERN DISTRICT OF TEXASHOUSTON DIVISION)In re: ) Chapter 11)Intrum AB et al.,1 ) Case No. 24-90575 (CML)))(Jointly Administered)Debtors. ))ORDER (I) APPROVINGDISCLOSURE STATEMENT AND(II) CONFIRMING JOINT PREPACKAGED CHAPTER 11PLAN OF INTRUM AB AND ITS AFFILIATEDDEBTOR (FURTHER TECHNICAL MODIFICATIONS)The above-captioned debtors and debtors in possession (collectively, the“Debtors”), having:a. entered into that certain Lock-Up Agreement, dated as of July 10, 2024 (asamended and restated on August 15, 2024, and as further modified,supplemented, or otherwise amended from time to time in accordance with itsterms, the “the Lock-Up Agreement”) and that certain Backstop Agreement,dated as of July 10, 2024, (as amended and restated on November 15, 2024 andas further modified, supplemented, or otherwise amended from time to time inaccordance with its terms), setting out the terms of the backstop commitmentsprovided by the Backstop Providers to backstop the entirety of the issuance ofNew Money Notes (as may be further amended, restated, amended and restated,modified or supplemented from time to time in accordance with the termsthereof, the “Backstop Agreement”) which set forth the terms of a consensualfinancial restructuring of the Debtors;b. commenced, on October 17, 2024, a prepetition solicitation (the “Solicitation”)of votes on the Joint Prepackaged Chapter 11 Plan of Reorganization of IntrumAB and its Debtor Affiliate Pursuant to Chapter 11 of the Bankruptcy Code (asthe same may be further amended, modified and supplemented from time totime, the “Plan”), by causing the transmittal, through their solicitation andballoting agent, Kroll Restructuring Administration LLC (“Kroll”), to theholders of Claims entitled to vote on the Plan of, among other things: (i) the1 The Debtors in these chapter 11 cases are Intrum AB and Intrum AB of Texas LLC. The Debtors' serviceaddress in these chapter 11 cases is 801 Travis Street, STE 2102, #1312, Houston, TX 77002.United States Bankruptcy CourtSouthern District of TexasENTEREDDecember 31, 2024Nathan Ochsner, ClerkCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 2 o of f1 133452Plan, (ii) the Disclosure Statement for Joint Prepackaged Chapter 11 Plan ofReorganization of Intrum AB and its Debtor Affiliate (as the same may befurther amended, modified and supplemented from time to time, the“Disclosure Statement”), and (iii) the Ballots and Master Ballot to vote on thePlan (the “Ballots”), (iv) the Affidavit of Service of Solicitation Materials[Docket No. 7];c. commenced on November 15, 2024 (the “Petition Date”), these chapter 11 cases(these “Chapter 11 Cases”) by filing voluntary petitions in the United StatesBankruptcy Court for the Southern District of Texas (the “Bankruptcy Court”or the “Court”) for relief under chapter 11 of title 11 of the United States Code(the “Bankruptcy Code”);d. Filed on November 15, 2024, the Affidavit of Service of Solicitation Materials[Docket No. 7] (the “Solicitation Affidavit”);e. Filed, on November 16, 2024 the Joint Prepackaged Chapter 11 Plan ofReorganization of Intrum AB and its Debtor Affiliate Pursuant to Chapter 11of the Bankruptcy Code (Technical Modifications) [Docket No. 16] and theDisclosure Statement for Joint Prepackaged Chapter 11 Plan of Intrum AB andits Debtor Affiliate [Docket No. 17];f. Filed on November 16, 2024, the Declaration of Andrés Rubio in Support of ofthe Debtors' Chapter 11 Petitions and First Day Motions [Docket No. 14] (the“First Day Declaration”);g. Filed on November 17, 2024, the Declaration of Alex Orchowski of KrollRestructuring Administration LLC Regarding the Solicitation of Votes andTabulation of Ballots Case on the Joint Prepackaged Chapter 11 Plan ofReorganization of Intrum AB and its Debtor Affiliate Pursuant to Chapter 11of the Bankruptcy Code [Docket No. 18] (the “Voting Declaration,” andtogether with the Plan, the Disclosure Statement, the Ballots, and theSolicitation Affidavit, the “Solicitation Materials”);h. obtained, on November 19, 2024, the Order(I) Scheduling a Combined Hearingon (A) Adequacy of the Disclosure Statement and (B) Confirmation of the Plan,(II) Approving Solicitation Procedures and Form and Manner of Notice ofCommencement, Combined Hearing, and Objection Deadline, (III) FixingDeadline to Object to Disclosure Statement and Plan, (IV) Conditionally (A)Directing the United States Trustee Not to Convene Section 341 Meeting ofCreditors and (B) Waiving Requirement to File Statements of Financial Affairsand Schedules of Assets and Liabilities, and (V) Granting Related Relief[Docket No. 71] (the “Scheduling Order”), which, among other things: (i)approved the prepetition solicitation and voting procedures, including theConfirmation Schedule (as defined therein); (ii) conditionally approved theDisclosure Statement and its use in the Solicitation; and (iii) scheduled theCombined Hearing on December 16, 2024, at 1:00 p.m. (prevailing CentralCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 3 o of f1 133453Time) to consider the final approval of the Disclosure Statement and theconfirmation of the Plan (the “Combined Hearing”);i. served, through Kroll, on November 20, 2025, on all known holders of Claimsand Interests, the U.S. Trustee and certain other parties in interest, the Noticeof: (I) Commencement of Chapter 11 Bankruptcy Cases; (II) Hearing on theDisclosure Statement and Confirmation of the Plan, and (III) Certain ObjectionDeadlines (the “Combined Hearing Notice”) as evidence by the Affidavit ofService [Docket No. 160];j. caused, on November 25 and 27, 2024, the Combined Hearing Notice to bepublished in the New York Times (national and international editions) and theFinancial Times (international edition), as evidenced by the Certificate ofPublication [Docket No. 148];k. Filed and served, on December 10, 2024, the Plan Supplement for the Debtors'Joint Prepackaged Chapter 11 Plan of Reorganization [Docket 165];l. Filed on December 10, 2024, the Declaration of Jeffrey Kopa in Support ofConfirmation of the Joint Prepackaged Plan of Reorganization of Intrum ABand its Debtor Affiliate Pursuant to Chapter 11 of the Bankruptcy Code [DocketNo. 155];m. Filed on December 14, 2024, the:i. Debtors' Memorandum of Law in Support of an Order: (I) Approving, on aFinal Basis, Adequacy of the Disclosure Statement; (II) Confirming theJoint Prepackaged Plan of Reorganization; and (III) Granting Related Relief[Docket No. 190] (the “Confirmation Brief”);ii. Declaration of Andrés Rubio in Support of Confirmation of the JointPrepackaged Plan of Reorganization of Intrum AB and its Debtor Affiliate.[Docket No. 189] (the “Confirmation Declaration”); andiii. Joint Prepackaged Chapter 11 Plan of Reorganization of Intrum AB and itsDebtor Affiliate Pursuant to Chapter 11 of the Bankruptcy Code (FurtherTechnical Modifications) [Docket No. 191];n. Filed on December 18, 2024, the Joint Prepackaged Chapter 11 Plan ofReorganization of Intrum AB and its Debtor Affiliate Pursuant to Chapter 11of the Bankruptcy Code (Further Technical Modifications) [Docket No. 223];CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 3 4 o of f1 133454WHEREAS, the Court having, among other things:a. set December 12, 2024, at 4:00 p.m. (prevailing Central Time) as the deadlinefor Filing objection to the adequacy of the Disclosure Statement and/orConfirmation2 of the Plan (the “Objection Deadline”);b. held, on December 16, 2024 at 1:00 p.m. (prevailing Central Time) [andcontinuing through December 17, 2024], the Combined Hearing;c. heard the statements, arguments, and any objections made at the CombinedHearing;d. reviewed the Disclosure Statement, the Plan, the Ballots, the Plan Supplement,the Confirmation Brief, the Confirmation Declaration, the SolicitationAffidavit, and the Voting Declaration;e. overruled (i) any and all objections to approval of the Disclosure Statement, thePlan, and Confirmation, except as otherwise stated or indicated on the record,and (ii) all statements and reservations of rights not consensually resolved orwithdrawn, unless otherwise indicated; andf. reviewed and taken judicial notice of all the papers and pleadings Filed(including any objections, statement, joinders, reservations of rights and otherresponses), all orders entered, and all evidence proffered or adduced and allarguments made at the hearings held before the Court during the pendency ofthese cases;NOW, THEREFORE, it appearing to the Bankruptcy Court that notice of theCombined Hearing and the opportunity for any party in interest to object to the DisclosureStatement and the Plan having been adequate and appropriate as to all parties affected or to beaffected by the Plan and the transactions contemplated thereby, and the legal and factual bases setforth in the documents Filed in support of approval of the Disclosure Statement and Confirmationand other evidence presented at the Combined Hearing establish just cause for the relief grantedherein; and after due deliberation thereon and good cause appearing therefor, the BankruptcyCourt makes and issues the following findings of fact and conclusions of law, and orders for thereasons stated on the record at the December 31, 2024 ruling on plan confirmation;2 Capitalized terms used but not otherwise defined herein have meanings given to them in the Plan and/or theDisclosure Statement. The rules of interpretation set forth in Article I.B of the Plan apply to this CombinedOrder.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 4 5 o of f1 133455I. FINDINGS OF FACT AND CONCLUSIONS OF LAWIT IS HEREBY FOUND AND DETERMINED THAT:A. Findings of Fact and Conclusions of Law.1. The findings and conclusions set forth herein and in the record of theCombined Hearing constitute the Bankruptcy Court's findings of fact and conclusions of law underRule 52 of the Federal Rules of Civil Procedure, as made applicable herein by Bankruptcy Rules7052 and 9014. To the extent any of the following conclusions of law constitute findings of fact,or vice versa, they are adopted as such.B. Jurisdiction, Venue, Core Proceeding.2. This Court has jurisdiction over these Chapter 11 Cases pursuant to28 U.S.C. § 1334. Venue of these proceedings and the Chapter 11 Cases in this district is properpursuant to 28 U.S.C. §§ 1408 and 1409. This is a core proceeding pursuant to 28 U.S.C.§ 157(b)(2) and this Court may enter a final order hereon under Article III of the United StatesConstitution.C. Eligibility for Relief.3. The Debtors were and continue to be entities eligible for relief under section109 of the Bankruptcy Code and the Debtors were and continue to be proper proponents of thePlan under section 1121(a) of the Bankruptcy Code.D. Commencement and Joint Administration of the Chapter 11 Cases.4. On the Petition Date, the Debtors commenced the Chapter 11 Cases. OnNovember 18, 2024, the Court entered an order [Docket No. 51] authorizing the jointadministration of the Chapter 11 Case in accordance with Bankruptcy Rule 1015(b). The Debtorshave operated their businesses and managed their properties as debtors in possession pursuant toCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 5 6 o of f1 133456sections 1107(a) and 1108 of the Bankruptcy Code. No trustee, examiner, or statutory committeehas been appointed in these Chapter 11 Cases.E. Adequacy of the Disclosure Statement.5. The Disclosure Statement and the exhibits contained therein (i) containssufficient information of a kind necessary to satisfy the disclosure requirements of applicablenonbankruptcy laws, rules and regulations, including the Securities Act; and (ii) contains“adequate information” as such term is defined in section 1125(a)(1) and used in section1126(b)(2) of the Bankruptcy Code, with respect to the Debtors, the Plan and the transactionscontemplated therein. The Filing of the Disclosure Statement satisfied Bankruptcy Rule 3016(b).The injunction, release, and exculpation provisions in the Plan and the Disclosure Statementdescribe, in bold font and with specific and conspicuous language, all acts to be enjoined andidentify the Entities that will be subject to the injunction, thereby satisfying Bankruptcy Rule3016(c).F. Solicitation.6. As described in and evidenced by the Voting Declaration, the Solicitationand the transmittal and service of the Solicitation Materials were: (i) timely, adequate, appropriate,and sufficient under the circumstances; and (ii) in compliance with sections 1125(g) and 1126(b)of the Bankruptcy Code, Bankruptcy Rules 3017 and 3018, the applicable Local Bankruptcy Rules,the Scheduling Order and all applicable nonbankruptcy rules, laws, and regulations applicable tothe Solicitation, including the registration requirements under the Securities Act. The SolicitationMaterials, including the Ballots and the Opt Out Form (as defined below), adequately informedthe holders of Claims entitled to vote on the Plan of the procedures and deadline for completingand submitting the Ballots.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 6 7 o of f1 1334577. The Debtors served the Combined Hearing Notice on the entire creditormatrix and served the Opt Out Form on all Non-Voting Classes. The Combined Hearing Noticeadequately informed Holders of Claims or Interests of critical information regarding voting on (ifapplicable) and objecting to the Plan, including deadlines and the inclusion of release, exculpation,and injunction provisions in the Plan, and adequately summarized the terms of the Third-PartyRelease. Further, because the form enabling stakeholders to opt out of the Third-Party Release (the“Opt Out Form”) was included in both the Ballots and the Opt Out Form, every known stakeholder,including unimpaired creditors was provided with the means by which the stakeholders could optout of the Third-Party Release. No further notice is required. The period for voting on the Planprovided a reasonable and sufficient period of time and the manner of such solicitation was anappropriate process allowing for such holders to make an informed decision.G. Tabulation.8. As described in and evidenced by the Voting Declaration, (i) the holders ofClaims in Class 3 (RCF Claims) and Class 5 (Notes Claims) are Impaired under the Plan(collectively, the “Voting Classes”) and have voted to accept the Plan in the numbers and amountsrequired by section 1126 of the Bankruptcy Code, and (ii) no Class that was entitled to vote on thePlan voted to reject the Plan. All procedures used to tabulate the votes on the Plan were in goodfaith, fair, reasonable, and conducted in accordance with the applicable provisions of theBankruptcy Code, the Bankruptcy Rules, the Local Rules, the Disclosure Statement, theScheduling Order, and all other applicable nonbankruptcy laws, rules, and regulations.H. Plan Supplement.9. On December 10, 2024, the Debtors Filed the Plan Supplement with theCourt. The Plan Supplement (including as subsequently modified, supplemented, or otherwiseCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 7 8 o of f1 133458amended pursuant to a filing with the Court), complies with the terms of the Plan, and the Debtorsprovided good and proper notice of the filing in accordance with the Bankruptcy Code, theBankruptcy Rules, the Scheduling Order, and the facts and circumstances of the Chapter 11 Cases.All documents included in the Plan Supplement are integral to, part of, and incorporated byreference into the Plan. No other or further notice is or will be required with respect to the PlanSupplement. Subject to the terms of the Plan and the Lock-Up Agreement, and only consistenttherewith, the Debtors reserve the right to alter, amend, update, or modify the Plan Supplementand any of the documents contained therein or related thereto, in accordance with the Plan, on orbefore the Effective Date.I. Modifications to the Plan.10. Pursuant to section 1127 of the Bankruptcy Code, the modifications to thePlan described or set forth in this Combined Order constitute technical or clarifying changes,changes with respect to particular Claims by agreement with holders of such Claims, ormodifications that do not otherwise materially and adversely affect or change the treatment of anyother Claim or Interest under the Plan. These modifications are consistent with the disclosurespreviously made pursuant to the Disclosure Statement and Solicitation Materials, and notice ofthese modifications was adequate and appropriate under the facts and circumstances of the Chapter11 Cases. In accordance with Bankruptcy Rule 3019, these modifications do not require additionaldisclosure under section 1125 of the Bankruptcy Code or the resolicitation of votes under section1126 of the Bankruptcy Code, and they do not require that holders of Claims or Interests beafforded an opportunity to change previously cast acceptances or rejections of the Plan.Accordingly, the Plan is properly before this Court and all votes cast with respect to the Plan priorto such modification shall be binding and shall apply with respect to the Plan.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Filieledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 8 9 o of f1 133459J. Objections Overruled.11. Any resolution or disposition of objections to Confirmation explained orotherwise ruled upon by the Court on the record at the Confirmation Hearing is herebyincorporated by reference. All unresolved objections, statements, joinders, informal objections,and reservations of rights are hereby overruled on the merits.K. Burden of Proof.12. The Debtors, as proponents of the Plan, have met their burden of provingthe elements of sections 1129(a) and 1129(b) of the Bankruptcy Code by a preponderance of theevidence, the applicable evidentiary standard for Confirmation. Further, the Debtors have proventhe elements of sections 1129(a) and 1129(b) by clear and convincing evidence. Each witness whotestified on behalf of the Debtors in connection with the Confirmation Hearing was credible,reliable, and qualified to testify as to the topics addressed in his testimony.L. Compliance with the Requirements of Section 1129 of the BankruptcyCode.13. The Plan complies with all applicable provisions of section 1129 of theBankruptcy Code as follows:a. Section 1129(a)(1) – Compliance of the Plan with Applicable Provisions of theBankruptcy Code.14. The Plan complies with all applicable provisions of the Bankruptcy Code,including sections 1122 and 1123, as required by section 1129(a)(1) of the Bankruptcy Code.i. Section 1122 and 1123(a)(1) – Proper Classification.15. The classification of Claims and Interests under the Plan is proper under theBankruptcy Code. In accordance with sections 1122(a) and 1123(a)(1) of the Bankruptcy Code,Article III of the Plan provides for the separate classification of Claims and Interests at each Debtorinto Classes, based on differences in the legal nature or priority of such Claims and Interests (otherCaCsaes e2 42-49-09507557 5 D oDcoucmumenetn 2t 9266-32 FFiilleedd iinn TTXXSSBB oonn 1021//3113//2245 PPaaggee 91 0o fo 1f 3143510than Administrative Claims, Professional Fee Claims, and Priority Tax Claims, which areaddressed in Article II of the Plan and Unimpaired, and are not required to be designated asseparate Classes in accordance with section 1123(a)(1) of the Bankruptcy Code). Valid business,factual, and legal reasons exist for the separate classification of the various Classes of Claims andInterests created under the Plan, the classifications were not implemented for any improperpurpose, and the creation of such Classes does not unfairly discriminate between or among holdersof Claims or Interests.16. In accordance with section 1122(a) of the Bankruptcy Code, each Class ofClaims or Interests contains only Claims or Interests substantially similar to the other Claims orInterests within that Class. Accordingly, the Plan satisfies the requirements of sections 1122(a),1122(b), and 1123(a)(1) of the Bankruptcy Codeii. Section 1123(a)(2) – Specifications of Unimpaired Classes.17. Article III of the Plan specifies that Claims and Interests in the classesdeemed to accept the Plan are Unimpaired under the Plan. Holders of Intercompany Claims andIntercompany Interests are either Unimpaired and conclusively presumed to have accepted thePlan, or are Impaired and deemed to reject (the “Deemed Rejecting Classes”) the Plan, and, ineither event, are not entitled to vote to accept or reject the Plan. In addition, Article II of the Planspecifies that Administrative Claims and Priority Tax Claims are Unimpaired, although the Plandoes not classify these Claims. Accordingly, the Plan satisfies the requirements of section1123(a)(2) of the Bankruptcy Code.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 101 o of f1 1334511iii. Section 1123(a)(3) – Specification of Treatment of Voting Classes18. Article III.B of the Plan specifies the treatment of each Voting Class underthe Plan – namely, Class 3 and Class 5. Accordingly, the Plan satisfies the requirements of section1123(a)(3) of the Bankruptcy Code.iv. Section 1123(a)(4) – No Discrimination.19. Article III of the Plan provides the same treatment to each Claim or Interestin any particular Class, as the case may be, unless the holder of a particular Claim or Interest hasagreed to a less favorable treatment with respect to such Claim or Interest. Accordingly, the Plansatisfies the requirements of section 1123(a)(4) of the Bankruptcy Code.v. Section 1123(a)(5) – Adequate Means for Plan Implementation.20. The Plan and the various documents included in the Plan Supplementprovide adequate and proper means for the Plan's execution and implementation, including: (a)the general settlement of Claims and Interests; (b) the restructuring of the Debtors' balance sheetand other financial transactions provided for by the Plan; (c) the consummation of the transactionscontemplated by the Plan, the Lock-Up Agreement, the Restructuring Implementation Deed andthe Agreed Steps Plan and other documents Filed as part of the Plan Supplement; (d) the issuanceof Exchange Notes, the New Money Notes, and the Noteholder Ordinary Shares pursuant to thePlan; (e) the amendment of the Intercreditor Agreement; (f) the amendment of the FacilityAgreement; (g) the amendment of the Senior Secured Term Loan Agreement; (h) theconsummation of the Rights Offering in accordance with the Plan, Rights Offering Documentsand the Lock-Up Agreement; (i) the granting of all Liens and security interests granted orconfirmed (as applicable) pursuant to, or in connection with, the Facility Agreement, the ExchangeNotes Indenture, the New Money Notes Indenture, the amended Intercreditor Agreement and theCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 112 o of f1 1334512Senior Secured Term Loan Agreement pursuant to the New Security Documents (including anyLiens and security interests granted or confirmed (as applicable) on the Reorganized Debtors'assets); (j) the vesting of the assets of the Debtors' Estates in the Reorganized Debtors; (k) theconsummation of the corporate reorganization contemplated by the Plan, the Lock-Up Agreement,the Agreed Steps Plan and the Master Reorganization Agreement (as defined in the RestructuringImplementation Deed); and (l) the execution, delivery, filing, or recording of all contracts,instruments, releases, and other agreements or documents in furtherance of the Plan. Accordingly,the Plan satisfies the requirements of section 1123(a)(5) of the Bankruptcy Codevi. Section 1123(a)(6) – Non-Voting Equity Securities.21. The Company's organizational documents in accordance with the SwedishCompanies Act, Ch. 4, Sec 5 and the Plan prohibit the issuance of non-voting securities as of theEffective Date to the extent required to comply with section 1123(a)(6) of the Bankruptcy Code.Accordingly, the Plan satisfies the requirements of section 1123(a)(6) of the Bankruptcy Code.vii. Section 1123(a)(7) – Directors, Officers, and Trustees.22. The manner of selection of any officer, director, or trustee (or any successorto and such officer, director, or trustee) of the Reorganized Debtors will be determined inaccordance with the existing organizational documents, which is consistent with the interests ofcreditors and equity holders and with public policy. Accordingly, the Plan satisfies therequirements of section 1123(a)(7) of the Bankruptcy Code.b. Section 1123(b) – Discretionary Contents of the Plan23. The Plan contains various provisions that may be construed as discretionarybut not necessary for Confirmation under the Bankruptcy Code. Any such discretionary provisionCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 123 o of f1 1334513complies with section 1123(b) of the Bankruptcy Code and is not inconsistent with the applicableprovisions of the Bankruptcy Code. Thus, the Plan satisfies section 1123(b).i. Section 1123(b)(1) – Impairment/Unimpairment of Any Class of Claims orInterests24. Article III of the Plan impairs or leaves unimpaired, as the case may be,each Class of Claims or Interests, as contemplated by section 1123(b)(1) of the Bankruptcy Code.ii. Section 1123(b)(2) – Assumption and Rejection of Executory Contracts andUnexpired Leases25. Article V of the Plan provides for the assumption of the Debtors' ExecutoryContracts and Unexpired Leases as of the Effective Date unless such Executory Contract orUnexpired Lease: (a) is identified on the Rejected Executory Contract and Unexpired Lease List;(b) has been previously rejected by a Final Order; (c) is the subject of a motion to reject ExecutoryContracts or Unexpired Leases that is pending on the Confirmation Date; or (4) is subject to amotion to reject an Executory Contract or Unexpired Lease pursuant to which the requestedeffective date of such rejection is after the Effective Date. Thus, the Plan satisfies section1123(b)(2).iii. Compromise and Settlement26. In accordance with section 1123(b)(3)(A) of the Bankruptcy Code andBankruptcy Rule 9019, and in consideration for the distributions and other benefits provided underthe Plan, the provisions of the Plan constitute a good-faith compromise of all Claims, Interests,and controversies relating to the contractual, legal, and subordination rights that all holders ofClaims or Interests may have with respect to any Allowed Claim or Interest or any distribution tobe made on account of such Allowed Claim or Interest. Such compromise and settlement is theproduct of extensive arm's-length, good faith negotiations that, in addition to the Plan, resulted inCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 134 o of f1 1334514the execution of the Lock-Up Agreement, which represents a fair and reasonable compromise ofall Claims, Interests, and controversies and entry into which represented a sound exercise of theDebtors' business judgment. Such compromise and settlement is fair, equitable, and reasonableand in the best interests of the Debtors and their Estates.27. The releases of the Debtors' directors and officers are an integral componentof the settlements and compromises embodied in the Plan. The Debtors' directors and officers: (a)made a substantial and valuable contribution to the Debtors' restructuring, including extensive preandpost-Petition Date negotiations with stakeholder groups, and ensured the uninterruptedoperation of the Debtors' businesses during the Chapter 11 Cases; (b) invested significant timeand effort to make the restructuring a success and maximize the value of the Debtors' businessesin a challenging operating environment; (c) attended and, in certain instances, testified atdepositions and Court hearings; (d) attended and participated in numerous stakeholder meetings,management meetings, and board meetings related to the restructuring; (e) are entitled toindemnification from the Debtors under applicable non-bankruptcy law, organizationaldocuments, and agreements; (f) invested significant time and effort in the preparation of the Lock-Up Agreement, the Plan, Disclosure Statement, all supporting analyses, and the numerous otherpleadings Filed in the Chapter 11 Cases, thereby ensuring the smooth administration of the Chapter11 Cases; and (g) are entitled to all other benefits under any employment contracts existing as ofthe Petition Date. Litigation by the Debtors or other Releasing Parties against the Debtors'directors and officers would be a distraction to the Debtors' business and restructuring and woulddecrease rather than increase the value of the estates. The releases of the Debtors' directors andofficers contained in the Plan have the consent of the Debtors and the Releasing Parties and are inthe best interests of the estates.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 145 o of f1 1334515iv. Debtor Release28. The releases of claims and Causes of Action by the Debtors, ReorganizedDebtors, and their Estates described in Article VIII.C of the Plan in accordance with section1123(b) of the Bankruptcy Code (the “Debtor Release”) represent a valid exercise of the Debtors'business judgment under Bankruptcy Rule 9019. The Debtors' or the Reorganized Debtors' pursuitof any such claims against the Released Parties is not in the best interests of the Estates' variousconstituencies because the costs involved would outweigh any potential benefit from pursuingsuch claims. The Debtor Release is fair and equitable and complies with the absolute priority rule.29. The Debtor Release is (a) an integral part of the Plan, and a component ofthe comprehensive settlement implemented under the Plan; (b) in exchange for the good andvaluable consideration provided by the Released Parties; (c) a good faith settlement andcompromise of the claims and Causes of Action released by the Debtor Release; (d) materiallybeneficial to, and in the best interests of, the Debtors, their Estates, and their stakeholders, and isimportant to the overall objectives of the Plan to finally resolve certain Claims among or againstcertain parties in interest in the Chapter 11 Cases; (e) fair, equitable, and reasonable; (f) given andmade after due notice and opportunity for hearing; and (g) a bar to any Debtor asserting any claimor Cause of Action released by the Debtor Release against any of the Released Parties. Theprobability of success in litigation with respect to the released claims and Causes of Action, whenweighed against the costs, supports the Debtor Release. With respect to each of these potentialCauses of Action, the parties could assert colorable defenses and the probability of success isuncertain. The Debtors' or the Reorganized Debtors' pursuit of any such claims or Causes ofAction against the Released Parties is not in the best interests of the Estates or the Debtors' variousCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 156 o of f1 1334516constituencies because the costs involved would likely outweigh any potential benefit frompursuing such claims or Causes of Action30. Holders of Claims and Interests entitled to vote have overwhelmingly votedin favor of the Plan, including the Debtor Release. The Plan, including the Debtor Release, wasnegotiated before and after the Petition Date by sophisticated parties represented by able counseland advisors, including the Consenting Creditors. The Debtor Release is therefore the result of ahard fought and arm's-length negotiation process conducted in good faith.31. The Debtor Release appropriately offers protection to parties thatparticipated in the Debtors' restructuring process, including the Consenting Creditors, whoseparticipation in the Chapter 11 Cases is critical to the Debtors' successful emergence frombankruptcy. Specifically, the Released Parties, including the Consenting Creditors, madesignificant concessions and contributions to the Chapter 11 Cases, including, entering into theLock-Up Agreement and related agreements, supporting the Plan and the Chapter 11 Cases, andwaiving or agreeing to impair substantial rights and Claims against the Debtors under the Plan (aspart of the compromises composing the settlement underlying the revised Plan) in order tofacilitate a consensual reorganization and the Debtors' emergence from chapter 11. The DebtorRelease for the Debtors' directors and officers is appropriate because the Debtors' directors andofficers share an identity of interest with the Debtors and, as previously stated, supported and madesubstantial contributions to the success of the Plan, the Chapter 11 Cases, and operation of theDebtors' business during the Chapter 11 Cases, actively participated in meetings, negotiations, andimplementation during the Chapter 11 Cases, and have provided other valuable consideration tothe Debtors to facilitate the Debtors' successful reorganization and continued operation.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 167 o of f1 133451732. The scope of the Debtor Release is appropriately tailored under the factsand circumstances of the Chapter 11 Cases. In light of, among other things, the value provided bythe Released Parties to the Debtors' Estates and the critical nature of the Debtor Release to thePlan, the Debtor Release is appropriate.v. Release by Holders of Claims and Interests33. The release by the Releasing Parties (the “Third-Party Release”), set forthin Article VIII.D of the Plan, is an essential provision of the Plan. The Third-Party Release is: (a)consensual as to those Releasing Parties that did not specifically and timely object or properly optout from the Third-Party Release; (b) within the jurisdiction of the Bankruptcy Court pursuant to28 U.S.C. § 1334; (c) in exchange for the good and valuable consideration provided by theReleased Parties; (d) a good faith settlement and compromise of the claims and Causes of Actionreleased by the Third-Party Release; (e) materially beneficial to, and in the best interests of, theDebtors, their Estates, and their stakeholders, and is important to the overall objectives of the Planto finally resolve certain Claims among or against certain parties in interest in the Chapter 11Cases; (f) fair, equitable, and reasonable; (g) given and made after due notice and opportunity forhearing; (h) appropriately narrow in scope given that it expressly excludes, among other things,any Cause of Action that is judicially determined by a Final Order to have constituted actual fraud,willful misconduct, or gross negligence; (i) a bar to any of the Releasing Parties asserting anyclaim or Cause of Action released by the Third-Party Release against any of the Released Parties;and (j) consistent with sections 105, 524, 1123, 1129, and 1141 and other applicable provisions ofthe Bankruptcy Code.34. The Third-Party Release is an integral part of the agreement embodied inthe Plan among the relevant parties in interest. Like the Debtor Release, the Third-Party ReleaseCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 178 o of f1 1334518facilitated participation in both the Debtors' Plan and the chapter 11 process generally. The Third-Party Release is instrumental to the Plan and was critical in incentivizing parties to support thePlan and preventing significant and time-consuming litigation regarding the parties' respectiverights and interests. The Third-Party Release was a core negotiation point in connection with thePlan and instrumental in developing the Plan that maximized value for all of the Debtors'stakeholders and kept the Debtors intact as a going concern. As such, the Third-Party Releaseappropriately offers certain protections to parties who constructively participated in the Debtors'restructuring process—including the Consenting Creditors (as set forth above)—by, among otherthings, facilitating the negotiation and consummation of the Plan, supporting the Plan and, in thecase of the Backstop Providers, committing to provide new capital to facilitate the Debtors'emergence from chapter 11. Specifically, the Notes Ad Hoc Group proposed and negotiated thepari passu transaction that is the basis of the restructuring proposed under the Plan and provideda much-needed deleveraging to the Debtors' business while taking a discount on their Claims (inexchange for other consideration).35. Furthermore, the Third-Party Release is consensual as to all parties ininterest, including all Releasing Parties, and such parties in interest were provided notice of thechapter 11 proceedings, the Plan, the deadline to object to confirmation of the Plan, and theCombined Hearing and were properly informed that all holders of Claims against or Interests inthe Debtors that did not file an objection with the Court in the Chapter 11 Cases that included anexpress objection to the inclusion of such holder as a Releasing Party under the provisionscontained in Article VIII of the Plan would be deemed to have expressly, unconditionally,generally, individually, and collectively consented to the release and discharge of all claims andCauses of Action against the Debtors and the Released Parties. Additionally, the release provisionsCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 189 o of f1 1334519of the Plan were conspicuous, emphasized with boldface type in the Plan, the DisclosureStatement, the Ballots, and the applicable notices. Except as set forth in the Plan, all ReleasingParties were properly informed that unless they (a) checked the “opt out” box on the applicableBallot or opt-out form and returned the same in advance of the Voting Deadline, as applicable, or(b) timely Filed an objection to the releases contained in the Plan that was not resolved beforeentry of this Confirmation Order, they would be deemed to have expressly consented to the releaseof all Claims and Causes of Action against the Released Parties.36. The Ballots sent to all holders of Claims and Interests entitled to vote, aswell as the notice of the Combined Hearing sent to all known parties in interest (including thosenot entitled to vote on the Plan), unambiguously provided in bold letters that the Third-PartyRelease was contained in the Plan.37. The scope of the Third-Party Release is appropriately tailored under thefacts and circumstances of the Chapter 11 Cases, and parties in interest received due and adequatenotice of the Third-Party Release. Among other things, the Plan provides appropriate and specificdisclosure with respect to the claims and Causes of Action that are subject to the Third-PartyRelease, and no other disclosure is necessary. The Debtors, as evidenced by the VotingDeclaration and Certificate of Publication, including by providing actual notice to all knownparties in interest, including all known holders of Claims against, and Interests in, any Debtor andpublishing notice in international and national publications for the benefit of unknown parties ininterest, provided sufficient notice of the Third-Party Release, and no further or other notice isnecessary. The Third-Party Release is designed to provide finality for the Debtors, theReorganized Debtors and the Released Parties regarding the parties' respective obligations underthe Plan. For the avoidance of doubt, and notwithstanding anything to the contrary, anyparty who timely opted-out of the Third-Party Release is not bound by the Third-PartyRelease.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 1 290 o of f1 133452038. The Third-Party Release is specific in language, integral to the Plan, andgiven for substantial consideration. The Releasing Parties were given due and adequate notice ofthe Third-Party Release, and thus the Third-Party Release is consensual under controllingprecedent as to those Releasing Parties that did not specifically and timely object. In light of,among other things, the value provided by the Released Parties to the Debtors' Estates and theconsensual and critical nature of the Third-Party Release to the Plan, the Third-Party Release isappropriatevi. Exculpation.39. The exculpation described in Article VIII.E of the Plan (the “Exculpation”)is appropriate under applicable law, including In re Highland Capital Mgmt., L.P., 48 F. 4th 419(5th Cir. 2022), because it was supported by proper evidence, proposed in good faith, wasformulated following extensive good-faith, arm's-length negotiations with key constituents, and isappropriately limited in scope.40. No Entity or Person may commence or continue any action, employ anyprocess, or take any other act to pursue, collect, recover or offset any Claim, Interest, debt,obligation, or Cause of Action relating or reasonably likely to relate to any act or commission inconnection with, relating to, or arising out of a Covered Matter (including one that alleges theactual fraud, gross negligence, or willful misconduct of a Covered Entity), unless expresslyauthorized by the Bankruptcy Court after (1) it determines, after a notice and a hearing, such Claim,Interest, debt, obligation, or Cause of Action is colorable and (2) it specifically authorizes suchEntity or Person to bring such Claim or Cause of Action. The Bankruptcy Court shall have soleand exclusive jurisdiction to determine whether any such Claim, Interest, debt, obligation or Causeof Action is colorable and, only to the extent legally permissible and as provided for in Article XI,CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 201 o of f1 1334521shall have jurisdiction to adjudicate such underlying colorable Claim, Interest, debt, obligation, orCause of Action.vii. Injunction.41. The injunction provisions set forth in Article VIII.F of the Plan are essentialto the Plan and are necessary to implement the Plan and to preserve and enforce the discharge,Debtor Release, the Third-Party Release, and the Exculpation provisions in Article VIII of thePlan. The injunction provisions are appropriately tailored to achieve those purposes.viii. Preservation of Claims and Causes of Action.42. Article IV.L of the Plan appropriately provides for the preservation by theDebtors of certain Causes of Action in accordance with section 1123(b) of the Bankruptcy Code.Causes of Action not released by the Debtors or exculpated under the Plan will be retained by theReorganized Debtors as provided by the Plan. The Plan is sufficiently specific with respect to theCauses of Action to be retained by the Debtors, and the Plan and Plan Supplement providemeaningful disclosure with respect to the potential Causes of Action that the Debtors may retain,and all parties in interest received adequate notice with respect to such retained Causes of Action.The provisions regarding Causes of Action in the Plan are appropriate and in the best interests ofthe Debtors, their respective Estates, and holders of Claims or Interests. For the avoidance of anydoubt, Causes of Action released or exculpated under the Plan will not be retained by theReorganized Debtors.c. Section 1123(d) – Cure of Defaults43. Article V.D of the Plan provides for the satisfaction of Cure Claimsassociated with each Executory Contract and Unexpired Lease to be assumed in accordance withsection 365(b)(1) of the Bankruptcy Code. Any monetary defaults under each assumed ExecutoryCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 212 o of f1 1334522Contract or Unexpired Lease shall be satisfied, pursuant to section 365(b)(1) of the BankruptcyCode, by payment of the default amount in Cash on the Effective Date, subject to the limitationsdescribed in Article V.D of the Plan, or on such other terms as the parties to such ExecutoryContracts or Unexpired Leases may otherwise agree. Any Disputed Cure Amounts will bedetermined in accordance with the procedures set forth in Article V.D of the Plan, and applicablebankruptcy and nonbankruptcy law. As such, the Plan provides that the Debtors will Cure, orprovide adequate assurance that the Debtors will promptly Cure, defaults with respect to assumedExecutory Contracts and Unexpired Leases in accordance with section 365(b)(1) of theBankruptcy Code. Thus, the Plan complies with section 1123(d) of the Bankruptcy Code.d. Section 1129(a)(2) – Compliance of the Debtors and Others with the ApplicableProvisions of the Bankruptcy Code.44. The Debtors, as proponents of the Plan, have complied with all applicableprovisions of the Bankruptcy Code as required by section 1129(a)(2) of the Bankruptcy Code,including sections 1122, 1123, 1124, 1125, 1126, and 1128, and Bankruptcy Rules 3017, 3018,and 3019.e. Section 1129(a)(3) – Proposal of Plan in Good Faith.45. The Debtors have proposed the Plan in good faith, in accordance with theBankruptcy Code requirements, and not by any means forbidden by law. In determining that thePlan has been proposed in good faith, the Court has examined the totality of the circumstancesfiling of the Chapter 11 Cases, including the formation of Intrum AB of Texas LLC (“IntrumTexas”), the Plan itself, and the process leading to its formulation. The Debtors' good faith isevident from the facts and record of the Chapter 11 Cases, the Disclosure Statement, and the recordof the Combined Hearing and other proceedings held in the Chapter 11 CasesCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 223 o of f1 133452346. The Plan (including the Plan Supplement and all other documents necessaryto effectuate the Plan) is the product of good faith, arm's-length negotiations by and among theDebtors, the Debtors' directors and officers and the Debtors' key stakeholders, including theConsenting Creditors and each of their respective professionals. The Plan itself and the processleading to its formulation provide independent evidence of the Debtors' and such other parties'good faith, serve the public interest, and assure fair treatment of holders of Claims or Interests.Consistent with the overriding purpose of chapter 11, the Debtors Filed the Chapter 11 Cases withthe belief that the Debtors were in need of reorganization and the Plan was negotiated and proposedwith the intention of accomplishing a successful reorganization and maximizing stakeholder value,and for no ulterior purpose. Accordingly, the requirements of section 1129(a)(3) of the BankruptcyCode are satisfied.f. Section 1129(a)(4) – Court Approval of Certain Payments as Reasonable.47. Any payment made or to be made by the Debtors, or by a person issuingsecurities or acquiring property under the Plan, for services or costs and expenses in connectionwith the Chapter 11 Cases, or in connection with the Plan and incident to the Chapter 11 Cases,has been approved by, or is subject to the approval of, the Court as reasonable. Accordingly, thePlan satisfies the requirements of section 1129(a)(4).g. Section 1129(a)(5)—Disclosure of Directors and Officers and Consistency with theInterests of Creditors and Public Policy.48. The identities of or process for appointment of the Reorganized Debtors'directors and officers proposed to serve after the Effective Date were disclosed in the PlanSupplement in advance of the Combined Hearing. Accordingly, the Debtors have satisfied therequirements of section 1129(a)(5) of the Bankruptcy Code.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 234 o of f1 1334524h. Section 1129(a)(6)—Rate Changes.49. The Plan does not contain any rate changes subject to the jurisdiction of anygovernmental regulatory commission and therefore will not require governmental regulatoryapproval. Therefore, section 1129(a)(6) of the Bankruptcy Code does not apply to the Plan.i. Section 1129(a)(7)—Best Interests of Holders of Claims and Interests.50. The liquidation analysis attached as Exhibit D to the Disclosure Statementand the other evidence in support of the Plan that was proffered or adduced at the CombinedHearing, and the facts and circumstances of the Chapter 11 Cases are (a) reasonable, persuasive,credible, and accurate as of the dates such analysis or evidence was prepared, presented orproffered; (b) utilize reasonable and appropriate methodologies and assumptions; (c) have not beencontroverted by other evidence; and (d) establish that each holder of Allowed Claims or Interestsin each Class will recover as much or more value under the Plan on account of such Claim orInterest, as of the Effective Date, than the amount such holder would receive if the Debtors wereliquidated on the Effective Date under chapter 7 of the Bankruptcy Code or has accepted the Plan.As a result, the Debtors have demonstrated that the Plan is in the best interests of their creditorsand equity holders and the requirements of section 1129(a)(7) of the Bankruptcy Code are satisfied.j. Section 1129(a)(8)—Conclusive Presumption of Acceptance by UnimpairedClasses; Acceptance of the Plan by Certain Voting Classes.51. The classes deemed to accept the Plan are Unimpaired under the Plan andare deemed to have accepted the Plan pursuant to section 1126(f) of the Bankruptcy Code. EachVoting Class voted to accept the Plan. For the avoidance of doubt, however, even if section1129(a)(8) has not been satisfied with respect to all of the Debtors, the Plan is confirmable becausethe Plan does not discriminate unfairly and is fair and equitable with respect to the Voting Classesand thus satisfies section 1129(b) of the Bankruptcy Code with respect to such Classes as describedCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 245 o of f1 1334525further below. As a result, the requirements of section 1129(b) of the Bankruptcy Code are alsosatisfied.k. Section 1129(a)(9)—Treatment of Claims Entitled to Priority Pursuant to Section507(a) of the Bankruptcy Code.52. The treatment of Administrative Claims, Professional Fee Claims, andPriority Tax Claims under Article II of the Plan satisfies the requirements of, and complies in allrespects with, section 1129(a)(9) of the Bankruptcy Code.l. Section 1129(a)(10)—Acceptance by at Least One Voting Class.53. As set forth in the Voting Declaration, all Voting Classes overwhelminglyvoted to accept the Plan. As such, there is at least one Voting Class that has accepted the Plan,determined without including any acceptance of the Plan by any insider (as defined by theBankruptcy Code), for each Debtor. Accordingly, the requirements of section 1129(a)(10) of theBankruptcy Code are satisfied.m. Section 1129(a)(11)—Feasibility of the Plan.54. The Plan satisfies section 1129(a)(11) of the Bankruptcy Code. Thefinancial projections attached to the Disclosure Statement as Exhibit D and the other evidencesupporting the Plan proffered or adduced by the Debtors at or before the Combined Hearing: (a)is reasonable, persuasive, credible, and accurate as of the dates such evidence was prepared,presented, or proffered; (b) utilize reasonable and appropriate methodologies and assumptions; (c)has not been controverted by other persuasive evidence; (d) establishes that the Plan is feasibleand Confirmation of the Plan is not likely to be followed by liquidation or the need for furtherfinancial reorganization; (e) establishes that the Debtors will have sufficient funds available tomeet their obligations under the Plan and in the ordinary course of business—including sufficientamounts of Cash to reasonably ensure payment of Allowed Claims that will receive CashCCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 256 o of f1 1334526distributions pursuant to the terms of the Plan and other Cash payments required under the Plan;and (f) establishes that the Debtors or the Reorganized Debtors, as applicable, will have thefinancial wherewithal to pay any Claims that accrue, become payable, or are allowed by FinalOrder following the Effective Date. Accordingly, the Plan satisfies the requirements of section1129(a)(11) of the Bankruptcy Code.n. Section 1129(a)(12)—Payment of Statutory Fees.55. Article XII.C of the Plan provides that all fees payable pursuant to section1930(a) of the Judicial Code, as determined by the Court at the Confirmation Hearing inaccordance with section 1128 of the Bankruptcy Code, will be paid by each of the applicableReorganized Debtors for each quarter (including any fraction of a quarter) until the Chapter 11Cases are converted, dismissed, or closed, whichever occurs first. Accordingly, the Plan satisfiesthe requirements of section 1129(a)(12) of the Bankruptcy Code.o. Section 1129(a)(13)—Retiree Benefits.56. Pursuant to section 1129(a)(13) of the Bankruptcy Code, and as provided inArticle IV.K of the Plan, the Reorganized Debtors will continue to pay all obligations on accountof retiree benefits (as such term is used in section 1114 of the Bankruptcy Code) on and after theEffective Date in accordance with applicable law. As a result, the requirements of section1129(a)(13) of the Bankruptcy Code are satisfied.p. Sections 1129(a)(14), (15), and (16)—Domestic Support Obligations, Individuals,and Nonprofit Corporations.57. The Debtors do not owe any domestic support obligations, are notindividuals, and are not nonprofit corporations. Therefore, sections 1129(a)(14), 1129(a)(15), and1129(a)(16) of the Bankruptcy Code do not apply to the Chapter 11 Cases.CCaassee 2 244-9-900557755 D Dooccuummeennt t2 29663-2 F Fileiledd i nin T TXXSSBB o onn 1 021/3/113/2/245 P Paaggee 2 267 o of f1 1334527q. Section 1129(b)—Confirmation of the Plan Over Nonacceptance of VotingClasses.58. No Classes rejected the Plan, and section 1129(b) is not applicable here,but even if it were, the Plan may be confirmed pursuant to section 1129(b)(1) of the BankruptcyCode because the Plan is fair and equitable with respect to the Deemed Rejecting Classes. ThePlan has been proposed in good faith, is reasonable, and meets the requirements and all VotingClasses have voted to accept the Plan. The treatment of Intercompany Claims and IntercompanyInterests under the Plan provides for administrative convenience does not constitute a distributionunder the Plan on account of suc

New York Gov. Kathy Hocul and New Jersey Gov. Phil Murphy are delivering their respective State of the State Addresses on Tuesday. Plus, New York Rep. Lee Zeldin is set to appear before the Senate this Thursday. Also, WNYC's Sean Carlson and Ryan Kailath uncover why nearly 100 workers lost their jobs at the Tin Building in late December. And finally, we meet a teenager who bakes muffins for a class of English for Speakers of Other Languages (ESOL).

Authorization to do spaghetti. Build the spaghetti. I am not going to screw around with toilet paper and just jump in the shower instead. Rub on the floor like a dog. I paid my phone bill and your phone number … Continue reading →

#297: In today's digital landscape, ensuring secure and efficient access to systems is crucial. Authorization plays a vital role in granting the right access levels — but how can businesses implement it effectively? In this episode, we speak with Alex Olivier, co-founder & CPO at Cerbos, about how Cerbos presents an adaptable solution that streamlines access control and governance by externalizing authorization logic and focusing on policy-driven management.   Alex's contact information:  LinkedIn: https://www.linkedin.com/in/alexolivier/ X (Formerly Twitter): https://x.com/alexolivier   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

Jake Moshenko (@jacobmoshenko, CEO of @AuthZed) talks about the challenges of securing AI interactions, as well as authentication best-practices for AI Agents and RAG patterns.  SHOW: 885SHOW TRANSCRIPT: The Cloudcast #885 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNET CLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST: "CLOUDCAST BASICS" SHOW NOTES:Authzed (homepage)SpiceDB - Authorization that scales (GitHub)Google's Zanzibar (research paper)Annotating Zanzibar (by AuthZed)Authzed CEO discusses Auth for AI RAG and Agents (TheCUBE)Topic 1 - Welcome to the show. Tell us about your background and why you decided to start AuthZed.Topic 2 - AuthZed is based on technology from Google called Zanzibar. There's an in-depth research paper, but give us some background on the types of problems it solves and why it was so appealing to you. Topic 3 - Authorization is used for every application, but let's talk about it in the context of AI or AI Agents. This is still a fairly new concept, but what authorization-related challenges do you expect GenAI or AI agents to create for developers and operators?Topic 4 - Is this space moving so fast that people already realize they'll likely need something more modern, like Authzed, or are there mistakes they are making today that are going to cause serious red flags soon? Topic 5 - What is the typical path for companies or teams to adopt Authzed, and is it something that can start small and grow (or merge with other groups), or does it have to be centralized like at Google? Topic 6 - What are some of the more important areas that people building and growing AI systems that need authorization should be keeping an eye on? FEEDBACK?Email: show at the cloudcast dot netBluesky: @cloudcastpod.bsky.socialTwitter/X: @cloudcastpodInstagram: @cloudcastpodTikTok: @cloudcastpod

Welcome to your weekly UAS news update we have 3 stories for you: Drone Light Show injures kid in Orlando, Israeli drone company wins big DOD drone contract, and navigating TFRs in New York and New Jersey. First story this week is a bit of a sad one. A child was injured at an Orlando drone show last week after a drone hit him in the chest during a show near Lake Eola Park. The 7-year old boy was taken to the hospital and it was later reported that he required emergency cardiac surgery due to damage to a heart valve. Approximately 15 minutes into the performance, drones started falling out of the sky, according to a video and witness statements. The show was put on by SkyElement, a very reputable company that has a long-standing of safe operation. SkyElement puts out dozens of shows around the country yearly, and even holds 11 Guiness world records, including flying a show with 5000 drones a month ago during Thanksgiving. It's unclear exactly what happened, but it would be out of touch for me to speculate at the moment. We will follow up when the NTSB concludes its investigation and releases its findings. We wish the young boy a prompt recovery. Second story this week, XTEND, an Israeli defense tech company, has secured an $8.8 million contract with the U.S. Department of Defense. The contract is to deliver advanced AI-powered drones called PSIO sUAS. These tactical drones, capable of operating indoors and outdoors, combine artificial intelligence with real-time precision strike capabilities. The drones are designed for rapid deployment in urban and open-field settings, and reduce risks for soldiers while enhancing operational flexibility. Manufactured in the U.S., these drones align with defense production standards and are set for delivery in early 2025, following extensive testing. XTEND's systems are already in use globally, including by the Israel Defense Forces, showcasing their value in modern warfare. For our last story, I want to discuss the recent temporary flight restrictions that were put in place in New Jersey and New York. Most of those are 1 nautical mile in radius and around sensitive infrastructures, such as substations, railroad depots, or even nuclear power plants. Part 107 operators who have a valid statement of work and show a need to be in the restricted airspace are eligible to request SGI waivers. SGI stands the Special Governmental Interest and is typically used by public safety agencies, but is also available to "regular" part 107 operators. According to the FAA website, "To apply for a waiver through the SGI process, you must be an existing Part 107 remote pilot with a current certificate OR a public agency with an existing Certificate of Waiver or Authorization or COA." I will put a link in the description for those who are interested in applying (https://www.faa.gov/uas/advanced_operations/emergency_situations) Last note before we go, we have the winner of the Community photo contest for December! Congratulations to Bill Heiser won with this photo titled "Highway to the Pass". And that's it for this week and even this year. I want to thank you all for tuning in every single week. We are getting close to 300 consecutive weeks of news update, and we couldn't do this without all of you. I and the entire team at Pilot Institute wish everybody a Happy New Year. I hope it will be full of growth for your company if that's what you do, but more importantly I hope it is filled with many hours of flying. Please continue to be safe and vigilant, and remember to be a mentor to those who got their first drone under the tree.

The company is also planning to conduct the clinical trial at sites in the EU.

In this episode, Kyle sits down with Jake Moshenko, co-founder and CEO of AuthZed, to discuss his journey from working at major tech companies to becoming a two-time founder. After his first company Quay (a Docker registry service) was acquired, he founded AuthZed to solve application permission challenges. Jake shares the contrasts between his two founding experiences, transitioning from a bootstrapped two-person company to a venture-backed enterprise-focused business. He emphasizes the importance of choosing the right problem space and being prepared for the long journey of entrepreneurship. We also discuss the significance of open-source in modern software development and his perspectives on AI technology.Jake MoshenkoJake Moshenko has been an innovator in the cloud-native ecosystem for over 15 years. After engineering roles at Amazon and Google, Jake founded Quay, the first private Docker registry, which was acquired by CoreOS. Jake then became an engineering leader at CoreOS, which was acquired by Red Hat (and then IBM). He is now the co-founder and CEO of AuthZed, the company commercializing SpiceDB, the industry-leading cloud-native permissions database.Links from the Show:LinkedIn: Jake MoshenkoWebsite: AuthZedBooks: The MartianGames: AzulMore by Kyle:Follow Prodity on Twitter and TikTokFollow Kyle on Twitter and TikTokSign up for the Prodity Newsletter for more updates.Kyle's writing on MediumProdity on MediumLike our podcast, consider Buying Us a Coffee or supporting us on Patreon

Sébastien Stormacq joins us to talk about AWS Lambda and Swift - what does "Serverless" mean, how deployment works, and how to get started.GuestSébastien ☁ Stormacq

One of the oldest and most venerated game show formats is Password, dating back to well before all your co-hosts were alive. On an entirely unrelated note, for this special episode, we're playing a game called Personal Authorization Code! We've invited our friends Sarah Baker, Robert Krut, Jeff Drake, and Wendy Molyneux to play; since all of them live on the west coast and had to record in the middle of the night, our beloved Joe Reid sat in for Sarah as Tara's partner. Who can do the most with the least...number of words? Listen and learn! GUESTS

Larry Johnson: Biden's Insane Authorization.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Authentication (validating who you claim to be) and Authorization (enforcing what you are allowed to do) are critical in modern software development. While authentication seems to be a solved problem, modern software development faces many challenges with secure, fast, and resilient authorization mechanisms. To learn more about those challenges, we invited Alex Olivier, Co-Founder and CPO at Cerbos, an Open Source Scalable Authorization Solution. Alex shared insights on attribute-based vs. role-based access Control, the difference between stateful and stateless authorization implementations, why Broken Access Control is in the OWASP Top 10 Security Vulnerabilities, and how to observe the authorization solution for performance, security, and auditing purposes.Links we discussed during the episode:Alex's LinkedIn: https://www.linkedin.com/in/alexolivier/Cerbos on GitHub: https://github.com/cerbos/cerbosOWASP Broken Access Control: https://owasp.org/www-community/Broken_Access_Control

This week we review a recent thought-provoking work on the topic of the dreaded 'pre-authorization' process for procedures being performed in the US. Are there data to support the costs in money and time associated with this process in the world of congenital cardiology? How often are authorizations denied in congenital cardiac cases? Is there any evidence that obtaining insurance pre-authorization improves outcomes? What is the impact of this process on healthcare equity? These are amongst the questions reviewed this week with Dr. Brian Marcus who is a cardiologist and critical care fellow at U. Wisconsin. DOI: 10.1007/s00246-023-03255-1

Election Day is just a couple days away, and if you still need to vote, we'll tell you where to find a voting center near you. Thousands of Sharp Healthcare workers have voted to approve a five-day strike. If your child attends San Diego Unified School District, tomorrow is the deadline to submit your priority choice application. Here's NBC 7's Audra Stafford with the top stories of the day.

In a week that saw Israel launch a bizarre terror attack against Lebanon using weaponized pagers, it now looks as if Israel is going all out to start a war with its northern neighbor. Authorization was granted yesterday to open a northern front and there has been a large uptick in military activity. Will a major regional war break out just weeks before the US election? Also today...some Republican governors are taking a strong stand against the WHO...but where were they during Covid?