POPULARITY
Categories
Milein Argentiina kasvaa | Tolvanen | #neuvottelija 310. Aleksi Tolvanen kuvaa miten Argentiinan presidentti Javier Milei on onnistunut lähes mahdottomassa urakassa ja kääntänyt kroonisesti noin -4% bkt alijäämäisen valtiotalouden ylijäämäiseksi, leikannut inflaation, vakauttanut virallisen valuutan peson lähelle sen markkinahintaa ja saanut Argentiinan pörssin rajuun nousuun. Myös köyhyys on kääntynyt laskuun ja reaalipalkat ovat kasvaneet.Mileillä on kuitenkin myös kriitikonsa, jotka ovat löytäneet Libra-kryptovaluuttaan liittyvästä kriisistä aseen haastaa presidentin. Milei joutuu myös taiteilemaan libertarismin, Mercosurin ja EU:n välisen vapaakaupan sekä USA-suhteen kanssa.Neuvottelija Sisäpiirissä Aleksi Tolvanen pohtii Espanjan libertaaripiirejä ja sen akateemista vahvaa tukeaTue kanavaa katsomalla lisäsisällöt Sisäpiirissä:https://www.youtube.com/channel/UCRI34L9OtDJuZpaWicbNXzg/join#neuvottelija Sami Miettinen
Greek in the Mishkan?
Halachah From The Parshah Series: Parshas Ki Sisa - The Egel HaZahav and the laws and customs of Rosh Chodesh 02/28/2021
Halachah From The Parshah Series: Parshas Ki Sisa - The Neshamah Yeseirah Of Shabbos 02/15/2022
Parshas HaShavuah Shiurim: Parshas Ki Sisa - Standing Up And Not Backing Down- Bnei Levi In The Aftermath of The Egel, Eliyahu On Har HaCarmel, and Esther's Response To Mordechai 03/05/2023
Parshas HaShavuah Shiurim: Parshas Ki Sisa - Understanding The Chet HaEgel 02/13/2022
He Showed Him a Coin of Fire
He Showed Him a Coin of Fire
Sisa p*t*ngan tubuh Uswatun Khasanah, k*rb4n yang j3n4zahnya ditemukan dalam koper di Ngawi, kembali dimakamkan di pemakaman umum Desa Sidodadi, Kecamatan Garum, Kabupaten Blitar, Jawa Timur, setelah selesai diotopsi.
Kuapishwa kwa Donald Trump kama rais wa 47 wa Marekani, Mkutano wa kimataifa kuhusu uchumi huko Davos, Hali ya kibinadamu kuendelea kuzorota mashariki mwa DRC, Tundu Lissu ateuliwa kuwa mwenyekiti mpya wa chama cha Upinzani cha Chadema kule Tanzania, tutaangazia Sisa za Kenya, Sudan na maeneo Ya Afrika magharibi pia kwengineko duniani.
PBA #293 - Especial Urban Alien - Entrevista SUJAN - SISA
Usai Banjir Bandang, Warga Tapanuli Selatan Bersihkan Sisa Material Banjir
La Sala Zeleste fué a finales de los años 70, en la Barcelona todavía autoritaria y de la transición, un lugar de libertad creativa que montó Victor Jou muy cerca de la Via Laietana de la ciudad. Como dice Sisa, salías de la oscuridad y de repente allí emergías. Comenzaron sus pasos no solo Sisa, sino también la Orquesta Platería, Gato Perez o la Voss del Trópico. Ahora el documental "Zeleste, el record de tantes ocasions" creado por Rafael Moll y Albert de la Torre, pone la sala en el lugar que debe estar, para que las generaciones actuales comprueben que tenemos un rico pasado sonoro, no partimos de cero. Se cuenta, no su historia, sino la de las bandas y músicos que crearon el sonido que precede a lo que ahora suena a este lado del mediterráneo. Mientras hablamos con Albert de la Torre sobre la figura de Victor Jou y el trabajo de Rafael Moll, los dos ya desaparecidos, escuchamos fragmentos de temas en directo y opiniones de la periodista madrileña Rosana Torres, asidua a Zeleste. También suenan: GATO PEREZ- Rumba Laietana; SISA- El Cabaret Galàctic- Qualsevol nit pot sortir el sol; ORQUESTA PLATERIA - Ligia Elena; MIRASOL COLORES- Sin ti sin mi; PAU RIBA- Estrella de la Fortuna; MANO NEGRA- King Kong Five- Sidi Hbibi. ; KETAMA- Carta canción. Escuchar audio
1 - Dinio ny fanaon39;ny vitsika ka mba hendre 2 - Vahoakan'Andriamanitra sisa fiz faharoa
1 - Tsy ory izay mitady Azy 2 - Vahoakan'Andrimanitra sisa-1
In today's episode, we discuss the White House's call for critical cybersecurity assistance for sectors like healthcare and water utilities (https://www.cybersecuritydive.com/news/white-house-seeks-critical-cyber-assistance-for-water-utilities-healthcare/716942/), analyze the compromise of JAVS Viewer software by loader malware (https://www.helpnetsecurity.com/2024/05/23/javs-viewer-malware/), and explore how rising cyberattacks are driving the growth of the cybersecurity industry, affecting companies like AWS, Cisco, and CrowdStrike (https://www.cybersecuritydive.com/news/attacks-fuel-cyber-business/716782/). Full Coker Speech: https://www.youtube.com/watch?v=1yR3kfajhk0 00:00 Introduction to the Cybersecurity Boom 01:04 The Economics of Cybersecurity 03:22 National Cyber Director's Keynote Highlights 04:14 The Cost of Cybersecurity Measures 05:19 Teenagers in Cybercrime: A Growing Concern 06:13 JAVS Viewer Malware: What You Need to Know 07:50 Conclusion and Call to Action Tags: Harry Coker Jr, healthcare, water utilities, ransomware, National Cyber Director, critical infrastructure, cyber threats, innovative strategies, cybersecurity, administration initiatives, Lapsus, teenage cybercrime, JAVS, recording software, loader malware, security risks, courtrooms, prisons, compromised software, cybersecurity vendors, digital threat landscape, market complexity Search Phrases: Initiatives by Harry Coker Jr in cybersecurity Healthcare cyber threat protection strategies Water utilities ransomware defense National Cyber Director's speech on cyber threats Administration measures against teenage cybercrime Compromised JAVS software security risks Immediate actions for JAVS Viewer users Cybersecurity vendors' role in digital threat evolution Increasing complexity in the cybersecurity market Global spending on cybersecurity in 2023 May24 Cyber attacks are propelling the cybersecurity industry to new Heights with global spending on security projected to hit in astonishing. $215 billion this year. How are cybersecurity vendors adapting to the constant evolution of cyber threats while also contributing to increased complexity in the market? National cyber director, Harry Coker Jr. Announced a sweeping initiative to fortify healthcare and water utilities against cyber threats. Highlighting a commitment to strengthen America's critical infrastructure. At a keynote speech on Wednesday. What measures is the administration taking to deter teenagers from join me, joining cyber criminal groups. Like Lapsis. Threat researchers have discovered that legitimate recording software from JAVS has been compromised with loader malware directly from the developers own site. If you're using the jabs viewer, what actions can you take? If you suspect your version has been compromised. You're listening to the daily decrypt. The cybersecurity industry is thriving. Thanks to the rise in cyber attacks. Now this makes sense. Supply and demand is the foundation of capitalism. And cyber attacks are on the rise. So of course, cybersecurity is booming, but this reminds me sort of eerily of the show fallout, which is on Amazon prime, highly recommend one of my favorite TV shows of all time. But go ahead and skip the next 15 seconds if you don't want any spoilers, but. One of the most fascinating aspects of that show is how. Valtech the maker of these volts. Was one of the top companies in the country. Because one, they preyed on citizens, fear of a nuclear war. So they made these vaults. To keep people safe in the impending nuclear bomb drop. But in order to stay on top in order to stay. Relevant. They needed that nuke to drop. And I don't think we're at that point yet with cybersecurity, I believe. The volume of cyber attacks is enough to sustain a $200 billion industry. But who knows what will happen in 10, 20, 30 years, maybe in order to stay relevant. Defender's need to start attacking. To keep that fear alive. I really hope not, but. That is the foundation of capitalism. So as mentioned, the global spending on security and risk management is projected to reach $215 billion this year, which is a 30% increase. From $165 billion in 2022. Brendan whales of the cybersecurity and infrastructure security agency or SISA. Talks about how this multi-billion dollar cyber security industry. Exists solely because the multi-billion dollar technology industry is insecure. So as the technology industry, booms naturally cybersecurity will boom, along with it. Alan Liska from recorded future criticizes, the industry for creating unnecessary complexity. And he emphasizes that the industry is currently pushing to sell expensive solutions. Over simpler, more effective ones. So this all just begs the question. If a company. Is faced with the opportunity to end cyber risk. To stop all attacks from happening. Or to create a product that will do this. Will they. Or will they continue to confuse and complicate. In order to make more and more money. National cyber director, Harry Coker Jr. Announced new actions to bolster key sectors like healthcare and water utilities. As well as combating ransomware and enhancing resilience. During a keynote speech at Auburn university's Macquarie Institute on Wednesday. In partnership with the department of health and human services. Their aim is to raise cybersecurity standards for hospitals, as well as seek additional aid for small, rural and critical care facilities. The EPA or environmental protection agency will provide more technical assistance to public water systems. The department of agriculture will invest in a program to. Integrate cyber security into rural water utilities. They've also proposed a budget to president Biden. That includes $12 million for HHS cybersecurity capacity. $25 million for sector risk management. And $25 million for a cyber grant for water utilities. And that makes me think of an Instagram real I watched yesterday. Where. It showed a video of United States, military members firing different. Weapons systems from. The 2, 4, 9, 2 rocket launchers to 50 Cal machine guns off the side of a helicopter. And as each bullet or round fired. There was a cost calculator in the top left that showing how much it costs to fire these weapons. And all of these videos were taken during training. And like one of those rockets just to fire at once costs like $19 million, just one rocket. So, yeah, $25 million to one person is a lot of money, but to the entire country's water agency. That's no money that will not help at all. That'll get them a $10 a month subscription. To some off the shelf service. Built by AI. So we got to get that up. All right. I like the intent, but we got to get that number up. In the keynote speech Coker also highlighted. Plans to crack down on criminal ransomware and to better understand the open source security risks. He's also built a partnership with the DOJ that will develop programs to deter teens from joining cyber criminal groups, like Lapsis, which recruits minors due to their short potential jail terms. And when we think about ransomware groups like lapses, my brain doesn't go to teenagers, but it is the perfect demographic. First of all, they feel invincible. They have good internet connections. They have lots of time. And they're extremely motivated by money. Like money is status in high school. And imagine being able to buy like a super nice car and take your friends out, maybe even charter a plane or something, take your friends somewhere. So that is an interesting problem to solve. And I personally don't have a solution, but let's see what they come up with with the DOJ. And finally. There's a legitimate recording software called jabs viewer. That has been compromised with loader malware and served from the official developer's website since at least April 2nd. This is according to rapid seven. The compromised installer, which is signed by Vanguard tech limited hides malware from the gate door, Russ store, family. This malware enables unauthorized remote access data collection, and further malicious payload downloads. If you're running jabs, viewer version 8.3 0.7. At this point, you have to re image all effected end points. You've got a reset, all credentials. And browser sessions to prevent unauthorized access. And update to the latest version version 8.3 0.8 or higher. Simply updating, apparently won't completely rid your device of this malware because it had remote code execution access, and it's probably loaded other things. So the only way to rid it is to. Uh, re image that end point, which totally sucks. And might not even be possible. But I'll tell you it does suck less. Then ransomware.. If you're unsure, if the device you're working with. Has been compromised. You can search for the file name F F F M peg dot exe with three F's. Which mimics the legitimate file that this software creates called F F M peg with two F's. If that three F file is found on the endpoint, you must re image the endpoint. You can also check to see if the software you have installed is digitally signed. By jabs itself. If it's signed by Vanguard tech limited, that is compromised. This has been the Daily Decrypt. If you found your key to unlocking the digital domain, show your support with a rating on Spotify or Apple Podcasts. It truly helps us stand at the frontier of cyber news. Don't forget to connect on Instagram or catch our episodes on YouTube. Until next time, keep your data safe and your curiosity alive.
In today's episode, we explore a critical GitHub Enterprise Server vulnerability (CVE-2024-4985) that allows authentication bypass and the necessary updates for protection (https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html), EPA's enforcement actions against water utilities lacking cybersecurity measures (https://www.cybersecuritydive.com/news/epa-enforcement-water-utilities-cyber/716719/), and newly discovered security flaws in the Python package llama_cpp_python (CVE-2024-34359) and Firefox's PDF.js library (CVE-2024-4367), highlighting potential risks and the importance of vigilant security practices (https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html). 00:00 Cybersecurity Threats to US Water Utilities 01:02 Deep Dive into Water Utility Cybersecurity Flaws 03:26 Strategies for Enhancing Cybersecurity in Water Utilities 04:49 EPA's Enforcement Actions and the Importance of Cybersecurity 06:38 GitHub Enterprise Server's Critical Security Flaw 08:00 Emerging Cybersecurity Threats and Updates Tags: GitHub, Enterprise Server, CVE, SAML SSO, cybersecurity, vulnerability, GitHub updates, EPA, cyberattacks, water utilities, vulnerabilities, security enforcement, Checkmarx, Llama Drama, Mozilla, PDF.js Search Phrases: GitHub Enterprise Server CVE-2024-4985 vulnerability SAML SSO security breach in GitHub How to secure GitHub Enterprise Server EPA cyberattack vulnerabilities in water utilities Steps to mitigate water utility cyber threats Llama Drama security flaw in llama_cpp_python High-severity vulnerability in Mozilla PDF.js Protecting systems from PDF.js exploits Checkmarx reports on Llama Drama Latest cybersecurity vulnerabilities December 2023 May22 The EPA has announced that over 70% of us water utilities inspected are vulnerable to cyber attacks due to outdated security measures like default passwords and single log-ins. What specific vulnerabilities put major water utilities at risk. And how is the EPA planning to address them? A high severity vulnerability in Mozilla's PDF dot JS have been uncovered allowing threat actors to execute arbitrary code and. Compromise millions of systems globally. What methods can users implement to help protect their systems from these vulnerabilities? And finally an alarming get hub enterprise server vulnerability now threatens unauthorized administrative access through. SAML single sign-on prompting crucial updates. From GitHub to prevent exploitation. How can organizations secure their get hub enterprise server instances against this vulnerability? You're listening to the daily decrypt. The environmental protection agency or EPA announced that the majority of us water utilities. The inspected are vulnerable to cyber attacks due to using default passwords and single log-ins. And to get a little more specific over 70% of water utilities that were inspected since September of last year, failed to comply with the safe drinking water act. By commonly using single log-ins for multiple employees. And not revoking access for former employees. So being a cybersecurity professional, it's really hard for me to even imagine using the same login as somebody else. This is such a terrible idea for many reasons. Some of which are obvious and some of which might not be like, first of all, multiple people know your password. Which is kept. Under wraps. Like if it's kept locked down, that's not a huge issue, but it's not being kept locked down. If this is a practice it's not being kept, locked down. So what if one of the people who's using that log in? Already has that password memorized and they decide to use it on a different site. Maybe even with that same email address and that site gets breached. And the email address is probably water company related. So any attacker that comes across these credentials will instantly have access to. The water utilities. Infrastructure. So say someone gets into the water utilities, infrastructure using those credentials. It will be impossible to go back and look at logs and see where the error was. It could be across many different people. So they're not even able to identify the root cause of the breach. Logging is essential. So you want to make sure that you know exactly who is doing what actions on which computer. Sharing credentials makes that impossible. You can also lock down different permissions by each user account. And then monitor. Uh, activities based on those permissions. So if you see an account, that's trying to do something that they shouldn't be doing. It's an indicator of compromise. So, how do I know what this account that's being shared across multiple people should be doing? Can you be logged in, in multiple places at once? Is one of the people using that account in Nigeria. Who knows. Right? So this is just terrible. And then the second issue is former employees. Credentials are not being revoked. They're not being closed down. So that means that if anybody comes across the username and password, Of a former employee, they can access the system. That includes the former employee. What if they got fired? What, if they have a malicious intent against their boss, they can log in after being terminated or leaving the job and mess things up for the company. Now I understand that these two things take resources to fix. It's going to take a bigger it team. It's going to take some automation tools. But I cannot stress this enough. Uh, compromise. Will cost more. Then the tools use to prevent it. So if you're maintaining one of these infrastructures, Please talk to your boss every day. Schedule an email. Talk to your investors, talk to the board, make sure they understand that if this place gets compromised, it's going to cost them way more than hiring another it person or buying a tool that can automate this process. And if you're feeling ambitious, One of the other things you can do with former employees accounts is to create a decoy account. Which is essentially a honeypot. So say someone does come up. Upon these credentials and they try to log in. You have already set up alerting that no one should be logging in with these credentials. But if an attacker is in the environment and finds these credentials, they will see a history of usage, which makes those credentials more enticing. And that's something you can't get with just a brand new account. It turned into a decoy. So it's recommended to repurpose every former employees account as a decoy set up an alert. Nobody should be logging in. Nobody should be touching these credentials or even attempting to log in with these credentials, if they are. You've been breached. It's one of the easiest ways to detect a breach. Alright, lecture aside. Let's finish up this news. The EPA has taken more than 100 enforcement actions. Against the community water systems since 2020 and plans to increase future inspections. Criminal enforcement may occur. If there's imminent danger. So you can be prosecuted as a criminal for neglecting to secure your network. If you work for a water plant or in a water agency. Because. Imminent danger is upon us. If you don't secure our network, right? What are the consequences for a compromise at the source of our water? Well, we don't get water and what do we need to live water? In fact, in recent months, Iran, China and Russia, as well as criminal ransomware gangs have targeted us and UK. Water treatment facilities. And they will continue to target these facilities because they are critical infrastructure for the United States. Right. The president needs water. The Congress needs water police force needs water, military needs. Everyone needs water. So it's going to be a top target and we don't have the funding to secure it. So according to. SISA. 95% of the 150,000 water utilities in the us do not have a cybersecurity professional on staff. And that sounds like a staggering amount, but it's pretty expensive to have a cybersecurity professional on staff. We get paid a lot of money. Um, And what I'd like to know is if any of these. Water treatment facilities are contracting out to cybersecurity professionals. So. There are companies out there that will provide advice for a fee. So you don't have to have someone on your staff. There are also companies out there that will monitor your networks for a fee. So you don't have to build out your own security operation center. If you'd like recommendations on either of these services or to be pointed in the right direction, feel free to shoot us a DM on Instagram or YouTube. And we will get back to you. All right. There is a new maximum severity flaw in get hub enterprise server that could allow attackers to bypass authentication protections. This flaw score is a perfect 10 out of 10 on the CVSs scale. Which indicates it's extremely critical. And so as mentioned, the vulnerability allows unauthorized access by forging a SAML response to provision or gain access to a user with admin privileges, but only in instances using SAML single sign-on with optional encrypted assertions. The issue affects all G H G S versions prior to 3.1 3.0. Get hub has released patches. And in some versions of 3.9, three point 10, three point 11 and three point 12. So if you're using these versions or earlier, Please go update. Instances without SAML SSO or those using SAML SSO without encrypted assertions are not affected by this flaw. If your setup doesn't involve encrypted assertions, you're in the clear. But encrypted assertions, improve security by encrypting messages from the SAML identity provider during authentication. However. This feature led to the discovered vulnerability when not properly updated. So just keep your crap up to date. I know it's tough. And finally researchers have uncovered a severe security flaw in the Lama CPP Python package tracked as CVE 20 24 3 4 3 5 9 with a CVSs score of 9.7. So. Pretty dang critical. This. Vulnerability is named llama drama. And can enable threat actors to execute arbitrary code, potentially compromising data and operations. The vulnerability stems from the misuse of the Jinja two template engine. Leading to server-side template injection. The flaw has been patched in version 0.2 0.72. And if you're using this package, you should update immediately. Additionally Mozilla discovered a high severity flaw in the PDF dot JS JavaScript library used by Firefox. This flaw allows arbitrary JavaScript execution. When a maliciously crafted PDF document is opened inside of Firefox. The issue has been resolved in Firefox 1 26 or Firefox ESR, one 15 dot 11. So make sure to update your browser as soon as possible. As well as any related software. To their latest versions. This has been the Daily Decrypt. If you found your key to unlocking the digital domain, show your support with a rating on Spotify or Apple Podcasts. It truly helps us stand at the frontier of cyber news. Don't forget to connect on Instagram or catch our episodes on YouTube. Until next time, keep your data safe and your curiosity alive.
In today's episode, the discussion revolves around the efficacy of password protection methods, contrasting software and hardware encryption for data security. While software encryption comes with convenience, it can be prone to attack methods like brute force, making hardware-encrypted drives a more secure choice, especially for sensitive data protection. Additionally, insights are shared on the Biden administration's plans to hold the software industry accountable for insecure software, focusing on creating incentives for cybersecurity investment. Furthermore, Microsoft's recent cybersecurity overhaul showcases a shift towards prioritizing security over new features, highlighting the importance of executive accountability and incentive structures for ensuring robust security practices. https://www.helpnetsecurity.com/2024/05/10/password-protect-pdf-excel-files/, https://www.cybersecuritydive.com/news/white-house-software-accountable-security/715797/, https://www.helpnetsecurity.com/2024/05/10/password-protect-pdf-excel-files/ Search Phrases: data theft prevention methods cybersecurity measures for data protection Biden administration liability framework software industry Microsoft cybersecurity initiative executives software liability framework impact on industry cybersecurity governance model Microsoft executives compensation [00:00:00] Passwords versus encryption. How can individuals and businesses prevent data theft and hacking through proper encryption methods beyond simple password protection. The Biden administration seeks to establish a liability framework to hold the software industry accountable for insecure software and an effort to shift the security burden away from users and onto the industry. What measures are being taken by federal officials to incentivize longterm investment in cybersecurity through a software liability framework. And how will this shift impact the industry and consumers? Microsoft is leading a new cybersecurity initiative with the compensation for senior executives being linked to security standards, fostering a company wide security first approach that emphasizes accountability. How has Microsoft revamped its cybersecurity governance model. And why is this [00:01:00] tying executive compensation to security? Promoting a stronger focus on cyber security within the company. You're listening to the daily decrypt. Password protection versus encryption. This is an interesting article from health net security titled how secure is the password protection? On your files and drives it. Discusses. While password protection may be, can be lenient. It can be easily circumvented making it vulnerable to hacking attempts. In some instances, password protection does use a form of encryption, and we're going to discuss a couple of different types of encryption in that software encryption and hardware encryption. And we'll go have a little bit of the differences there. Software encryption is a way of protecting information on computers and systems online by turning readable data like texts in a document or a message into a scrambled unreadable format. Imagine you have a letter that you want to send securely, you put it in a box and lock it with a key. You [00:02:00] send the locked box and the recipient uses a copy of the key to open it and read the letter. And software encryption. The box is the encryption technology and the letter is your data. Many office applications. Do you offer software encryption to protect files? However software encryption has security drawbacks, such as being susceptible to brute force attacks and relying on a single point of failure, like a user's password or encryption keys. Hardware encryption. Is similar to software encryption in that it protects data by converting it into a scrambled unreadable format. However, instead of using software to perform this process, hardware encryption relies on a physical device, such as a specialized chip on a hard drive or a USB flash drive to handle the encryption. Think of hardware, encryption like a safe, where you store your valuable documents. The safe has a built-in lock that automatically locks the documents inside. When you close the door, that's the encryption chip being the lock and the documents and side being encrypted when the [00:03:00] door's closed. Only with the right key or combination. Can you open the safe and access the documents in a readable form that key or combination in this example is the encryption key. Hardware encrypted drives are designed to resist attacks and have added protections against physical tampering and are portable allowing users to securely transport data outside of the office. They also offer a superior data of recovery capabilities. Crucial in the face of Verizon ransomware attacks. Something to consider with all of this is do the devices that you interact with on a regular basis offer any of this protection. Apple does offer hardware encryption, and it is enabled by default on iOS devices. Once you set up the passcode. This means that the data is automatically encrypted in the key is protected by a service called secure enclave. Yeah. On the Android side, many devices do support hardware encryption through a dedicated platform like [00:04:00] trusted execution environment. As far as defaults. Newer Android devices that are running Android six oh or later that's marshmallow. Encryption is enabled by default. For devices, that's it isn't enabled by default users can typically enable it manually through the security settings. And then on the windows side, Many modern devices, especially those that come with windows 10 or 11 hardware encryption is often enabled by default. If the hardware supports it. This is typically managed through a service called BitLocker it's windows encryption feature, which we'll use hardware encryption automatically. If a trusted platform module is present and configured correctly. Password protection does offer basic security. Hardware encryption is definitely the way to go. Luckily software vendors are getting better at enabling these features by default. So it's something that a lot of users don't have to worry about. [00:05:00] The white house wants to hold the software sector accountable for security. This article from cybersecurity dive covers the Biden's administration. And their plan on establishing a liability framework, which will hold the software industry accountable for insecure software. This is aiming to shift the security burden away from users to the industry. Like I said, vendors are getting better at enabling more secured. Options by default. And this is really just in line with that. The objective is not to open up the software industry to lawsuits, but to secure investments in secure software development. The administration seeks to create incentives for long-term investment in cybersecurity and resilience. A symposium of on software liability was hosted by the white house in March, engaging legal scholars, think tank representatives in top administration officials. Currently software license agreements, shield companies from lawsuits [00:06:00] through limitations of liability and disclaimers. According to James Dempsey from Stanford university. The office of the national cyber director, O N C D included the pursuit of software liability in its cybersecurity posture report, emphasizing the importance of secure software development practices. A group of 68 technology and security firms committed to a security pledge from SISA focusing on practices like multi-factor authentication and vulnerability, disclosure, transparency. The FBI and SISA recently urged tech manufacturers to address directory traversal vulnerabilities in their applications to prevent exploitation by malicious actors. This is really cool. Directory traversal can lead to a lot of data exposure, especially across multiple users and companies. Brian Fox co-founder and CTO of Sona type advocates for a long overdue liability regime in the software industry. Emphasizing the need for government [00:07:00] intervention to address market failure. This effort by the bottom. The administration is. Nice step in the right direction in the way that software security is approached. Striving to foster, a more secure digital landscape for all users by holding the industry accountable for the security of their offerings. Keep an eye on how this policy evolves as it could establish a new benchmark for software security and industry accountability. Microsoft's secure future initiative. This article come from the cybersecurity dive where officials see a real change in Microsoft security plans, financial accountability. So Microsoft has a launched, a comprehensive cyber security revamp, including restructuring its governance model and emphasizing security over new features. Reminiscent of bill gates, 2002 trustworthy computing initiative. The initiative includes a direct link between security and executive [00:08:00] compensation, symbolizing, a prioritization of security within the company and potentially driving customer confidence. Cybersecurity experts like Jen easterly and Chris Krebs, praise Microsoft's initiative, highlighting the importance of executive accountability and compensation, linked pressures and driving a security first approach throughout the company. Microsoft faces significant pressure to enhance its security posture. Following recent high profile attacks, including a China affiliated threat group, compromising Microsoft exchange accounts and emails of senior us officials Microsoft is intensifying its efforts to instill a security first mindset across all its teams with each team. Having designated individuals accountable for ensuring robust security practices are in place. The strategy emphasizes the importance of integrating security considerations into every aspect of the development process. Reinforcing the company's commitment to leading by example in cyber [00:09:00] security. I really like this. I hope that more companies follow suit with this, it does sound a little fluffy. I think it is a great approach. Keeping executives financially tied to this decisions that they make in regards to cybersecurity will hopefully just bolster cybersecurity as a whole. This has been the Daily Decrypt. If you found your key to unlocking the digital domain, show your support with a rating on Spotify or Apple Podcasts. It truly helps us stand at the frontier of cyber news. Don't forget to connect on Instagram or catch our episodes on YouTube. Until next time, keep your data safe and your curiosity alive.
Area/TopicEcuador, Adventure Travel, Ecotourism, BusinessHenry SisaCEO-FounderAdventure JourneysI love adventure travel. I have been in the tourism industry for more than 15 years, almost all of that time as a naturalist guide and adventure trip leader throughout Ecuador and The Galapagos. I am particularly interested in the Amazon rainforest, and enjoy sharing it with guests while trekking, biking, kayaking, climbing, diving, and even horseback riding. I am committed to creating holidays with a purpose, and off the beaten path. I want each guest to have a unique experience filled with awe, fun, and connection, ensuring long-lasting memories. My team and I take great pride in organizing customized programs, expertly crafted to accommodate the unique interests and needs of each guest.https://www.adventurejourneys.com/SummaryHenry Sisa from Adventure Journeys in Ecuador shares his journey and the diverse adventures his company offers. He discusses the unique experiences of visiting indigenous communities and the remote areas of the Amazon. Henry also highlights the best time to visit the Amazon and the different climates in Ecuador. He emphasizes that adventure travel is not limited to extreme activities and can be tailored to different interests and age groups. Henry recommends visiting Quito and Cuenca for a week-long trip and trying the traditional dish called encebollado. He also mentions the ceremonial and medicinal experiences available in Ecuador. In this conversation, Henry from Ecuador shares his passion for his country and the unique experiences it offers to travelers. He discusses the beauty and diversity of Ecuador, the importance of sustainable tourism, and the incredible wildlife found in the Galapagos Islands. He also highlights the rich culture and delicious cuisine of Ecuador. Overall, this conversation provides a comprehensive overview of what makes Ecuador a must-visit destination.TakeawaysEcuador offers a diverse range of landscapes and experiences, from the Amazon rainforest to the Galapagos Islands.Sustainable tourism is a priority in Ecuador, with efforts to protect the environment and support local communities.The Galapagos Islands are a unique destination known for their incredible wildlife and conservation efforts.Ecuadorian culture is rich and vibrant, with a mix of indigenous traditions and Spanish influences.Ecuadorian cuisine is delicious and varied, with dishes like ceviche and llapingachos showcasing the country's culinary heritage.Chapters00:00Introduction and Background03:15Henry's Journey and Adventure Journeys08:19Exploring Ecuador and the Galapagos15:10Experiencing the Indigenous Communities21:42Best Time to Visit the Amazon23:08Different Climates in Ecuador28:13Adventure Travel in Ecuador32:26Recommended Places to Visit in Ecuador39:29Ceremonial and Medicinal Experiences44:19Surprising Aspects of the Galapagos48:38Must-Try Dish in Ecuador10:00The Beauty and Diversity of Ecuador20:00Sustainable Tourism in Ecuador30:00Exploring the Galapagos Islands40:00Ecuadorian Culture and Cuisine50:00Conclusion and Invitation Learn more about the Big World Made Small Podcast and join our private community to get episode updates, special access to our guests, and exclusive adventure travel offers at bigworldmadesmall.com.
The Artist's Many Names
Learn from the mistakes of our forefathers. Don't reach a point where you'll want to say, 'chaval.'
Ki Sisa - Standing Behind R' Chaim Kanievsky At The Census ...
The final instructions for the construction of the Tabernacle are conveyed at the beginning of this week's parsha. After Moshe is told to appoint Bezalel as the head overseer of this enormous project, the Torah cautions us against constructing the tabernacle on Shabbos. Although we are required to build the Tabernacle, and we are inclined […]
The final instructions for the construction of the Tabernacle are conveyed at the beginning of this week's parsha. After Moshe is told to appoint Bezalel as the head overseer of this enormous project, the Torah cautions us against constructing the tabernacle on Shabbos. Although we are required to build the Tabernacle, and we are inclined to be expeditious in the performance of this great mitzvah, nevertheless, we may not do it on Shabbos. When the Torah conveys this to us, the verse seems to have a bit of a superfluous phrasing. These seemingly extra words are explained by the commentaries who open up our eyes to the fascinating and powerful world of augmenting Shabbos. We have the ability to increase the Sabbath. We can take a day that is not the Sabbath and transform it and elevate it and render it Shabbos. The consequences of this radical idea are vast and powerful.– – – – – – – – – – – – – – – – – – – – – –This Parsha Podcast is dedicated in loving memory and leilui nishmas Sara bas Menachem, Mrs. Shirley Nagel, mother of our beloved Rabbi Yaakov Nagel who passed away this week. May her soul be elevated in Heaven.– – – – – – – – – – – – – – – – – – – – – –DONATE to TORCH: Please consider supporting the podcasts by making a donation to help fund our Jewish outreach and educational efforts at https://www.torchweb.org/support.php. Thank you!– – – – – – – – – – – – – – – – – – – – – –Email me with questions, comments, and feedback: rabbiwolbe@gmail.com– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to my Newsletterrabbiwolbe.com/newsletter– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to Rabbi Yaakov Wolbe's PodcastsThe Parsha PodcastThe Jewish History PodcastThe Mitzvah Podcast This Jewish LifeThe Ethics PodcastTORAH 101 ★ Support this podcast ★
This week, we discuss the difference between Amalek and the Jewish people. Safes vs. Mistama. And of course, we mention a vort from the Chasam SoferI hope you enjoy this episode.My book "Ready. Set. Grow." is available at your local Seforim store, or it can be ordered online at: https://mosaicapress.com/product/ready-set-grow/To watch a video version and follow my Torah classes on TorahAnytime, click here: https://www.torahanytime.com/#/speaker?l=1369Have a wonderful week!#jew #jewish #podcast #frum #rabbi #frumpodcast #inspiration #torah #mitzvah #hashem #jewishpodcast #israel #exodus #parsha #oristrum #torahsparks #readysetgrow #meaningfulminute #growthmindset #motivational #lifelessons #torahanytime
Join us as we contemplate the profound story of the Golden Calf, which is a central theme in this week's Parsha, Ki Sisa. The swift decline of the Israelites from their spiritual pinnacle to idolatry poses a timeless question about human frailty. As we examine the verses from Exodus, we are reminded of Moshe's impassioned plea to God, advocating for the forgiveness of his people and revealing the essence of true leadership. This episode also navigates the intricate concept of sin as a hurdle between us and the divine, urging us to recognize the 'little golden calves' in our daily lives that disrupt our connection with the Almighty. Listen in as we unravel the ongoing battle to remain steadfast in faith and the deeper significance of repentance.In our discussion, we also dissect the complexities of forgiveness, prayer, and the ethical quandaries presented in the Parsha. The narrative sheds light on the power of prayer and the potential for redemption from certain transgressions, as illustrated by Aaron's controversial decisions during the Golden Calf episode. Furthermore, we tackle the delicate balance of Lashon Hara (Slander) in necessary situations such as inquiring about prospective marriage partners or business associations. Tune in as we conclude with a vital reminder to shun sin, maintain our bond with Hashem through prayer and repentance, and prepare ourselves for the next step in our spiritual journey.This episode (Ep 6.21) of the Parsha Review Podcast by Rabbi Aryeh Wolbe on Parshas Ki Sisa is dedicated in Honor of our dear daughter Meira & Shimon Prupas on their engagement & in honor of our Holy Soldiers in the Battlefield and our Torah Scholars in the Study Halls who are fighting for the safety of our nation!Download & Print the Parsha Review Notes:https://drive.google.com/drive/folders/1ncaRyoH5iJmGGoMZs9y82Hz2ofViVouv?usp=sharingRecorded in the TORCH Centre - Studio B to a live audience on February 27, 2024, in Houston, Texas.Released as Podcast on February 29, 2024_____________DONATE to TORCH: Please consider supporting the podcasts by making a donation to help fund our Jewish outreach and educational efforts at https://www.torchweb.org/support.php. Thank you!_____________SUBSCRIBE and LISTEN to other podcasts by Rabbi Aryeh Wolbe: NEW!! Prayer Podcast: https://prayerpodcast.transistor.fm/episodesJewish Inspiration Podcast: https://inspiration.transistor.fm/episodesParsha Review Podcast: https://parsha.transistor.fm/episodesLiving Jewishly Podcast: https://jewishly.transistor.fm/episodesThinking Talmudist Podcast: https://talmud.transistor.fm/episodesUnboxing Judaism Podcast: https://unboxing.transistor.fm/episodesRabbi Aryeh Wolbe Podcast Collection: https://collection.transistor.fm/episodesFor a full listing of podcasts available by TORCH at https://www.TORCHpodcasts.com_____________EMAIL your questions, comments, and feedback: awolbe@torchweb.org_____________Please visit www.torchweb.org to see a full listing of our outreach and educational resources available in the Greater Houston area! ★ Support this podcast ★
The golden calf is one of the most inexplicable events in the Torah. What went wrong? Who is to blame? In this special edition of the Parsha Podcast we propose a novel idea that threads throughout the entire Parsha. We emerge from this episode with a greater appreciation of the indivisibility of our nation. – – […]
The golden calf is one of the most inexplicable events in the Torah. What went wrong? Who is to blame? In this special edition of the Parsha Podcast we propose a novel idea that threads throughout the entire Parsha. We emerge from this episode with a greater appreciation of the indivisibility of our nation.– – – – – – – – – – – – – – – – – – – – – –DONATE to TORCH: Please consider supporting the podcasts by making a donation to help fund our Jewish outreach and educational efforts at https://www.torchweb.org/support.php. Thank you!– – – – – – – – – – – – – – – – – – – – – –Email me with questions, comments, and feedback: rabbiwolbe@gmail.com– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to my Newsletterrabbiwolbe.com/newsletter– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to Rabbi Yaakov Wolbe's PodcastsThe Parsha PodcastThe Jewish History PodcastThe Mitzvah Podcast This Jewish LifeThe Ethics PodcastTORAH 101 ★ Support this podcast ★
Dear Chevra, We are pleased to bring you the audio shiur given on the topic of Ki Sisa. Shana tova, Journeys in Torah
When were the Jewish people counted? Why did each person give only have of a shekel? What is the problem with counting the Jews? Where did the money for the karbanos come from? Why is this story read before purim? Learn the answers to all of this, and more, on this week's episode of Toras Chaim. Toras Chaim: Meaningful Life Lessons from the Weekly Parsha, by Rabbi Elchonon Cohen. Comments, questions and requests are welcome! Instagram: @OvertimeCook or @Elchonon or via email: overtimecook@gmail.com
This week's parsha contains several instructions related to the Tabernacle, but the majority of the parsha is dedicated to arguably the most shocking and troubling episode in the whole Torah, the Golden Calf. Forty days after the nation reached the pinnacle of human accomplishment – a national revelation at Sinai – the same nation committed what […]
This week's parsha contains several instructions related to the Tabernacle, but the majority of the parsha is dedicated to arguably the most shocking and troubling episode in the whole Torah, the Golden Calf. Forty days after the nation reached the pinnacle of human accomplishment – a national revelation at Sinai – the same nation committed what seems on the surface to be idolatry.– – – – – – – – – – – – – – – – – – – – – –DONATE to TORCH: Please consider supporting the podcasts by making a donation to help fund our Jewish outreach and educational efforts at https://www.torchweb.org/support.php. Thank you!– – – – – – – – – – – – – – – – – – – – – –Email me with questions, comments, and feedback: rabbiwolbe@gmail.com– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to my Newsletterrabbiwolbe.com/newsletter– – – – – – – – – – – – – – – – – – – – – –SUBSCRIBE to Rabbi Yaakov Wolbe's PodcastsThe Parsha PodcastThe Jewish History PodcastThe Mitzvah Podcast This Jewish LifeThe Ethics PodcastTORAH 101 ★ Support this podcast ★
Yvette Borja interviews Belén Sisa, creator and host of the Pretty Serious Podcast and former National Latino Press Secretary for Senator Sanders' presidential campaign. They discuss the history of the DACA movement and Belén's participation in it, the importance of voting in local elections, and why it's important to vote Kyrsten Sinema out of office in 2024. To support the podcast, become a monthly patreon subscriber at: https://patreon.com/radiocachimbona?utm_medium=clipboard_copy&utm_source=copyLink&utm_campaign=creatorshare_creator&utm_content=join_linkFollow @radiocachimbona on Instagram, Twitter, and Facebook.