Iβm still confused about what is happening at CISA. https://www.politico.com/news/2025/12/21/cisa-acting-director-madhu-gottumukkala-polygraph-investigation-00701996?utm_content=politico/magazine/Politics&utm_source=flipboard
Kevin Beaumont
Kevin Beaumont
npub176rs...kwlw
Cybersecurity weather person and award winning shitposter. Shitposting is an anagram of Top Insights. You may be surprised to know I am not representing my employer here and these are not their opinions.
I have Direct Messages disabled - you can send them, but I will never receive them.
jes staley right now
David Walliams dropped by book publisher 
βFormer staff also told this newspaper that they were told to work in βpairsβ when meeting Walliams and were advised not to visit his home.β
BBC News
David Walliams denies inappropriate behaviour after HarperCollins drops him
Walliams is one of the UK's most successful children's authors, having sold more than 60 million books.
ransomware victims coming thick and fast this week
the logic here is encrypt just before Xmas, more likely to pay to try to recover before Xmas (spoiler: most of those orgs won't recover before Xmas either way).
HPE OneView CVE-2025-37164 worth paying attention to
- Widely used enterprise management software
- HPE added a REST command, executeCommand, which requires no authentication to execute commands. Obviously, this is dumb and now patched out
- Being on OneView allows attacker to access VMware, 3PAR storage etc by design
- Expect exploitation in the wild as it's so simple
- The vulnerability (executeCommand) was introduced around 2020, feels like a vulndoor
Shodan dork: product:"HPE OneView"
Arc Raiders continues to delight.
It reminds me a lot of Fallout 76, which was designed to be an intense PvP Rust like experience. Instead, everybody was super nice.
In Arc Raiders I just have match after solo match and meet other players who are super nice guys from Finland. Itβs months in and I havenβt been killed once.
