They’ll have lost the source code for all the enterprise plugins (SAP, Salesforce, etc etc) they have, all the infrastructure as code and provisioning code to run their software in Grafana Cloud, all their closed source code for apps like IRM that were never open source, and probably a load of expensive source code they acquired through partnerships with companies like warpstream.

So yeah probably a six or seven figure loss. In particular the IaC means the attackers can spend tokens to find possible cloud vulnerabilities that will allow them to attack the cloud product, maybe even steal customer data.

It suckers that most laptops no longer come with a clit-mouse, they were so handy

bank cards include encryption/hardening against cloning for obvious reasons. I’m not sure if the same would apply to a “pay as you go” card but I would expect so.

yeah the chip on the card itself is not the component that will make the connection with the payment terminal. luckily for you, you don’t have to have the antenna be that same shape, it can fit into different shapes and still be effective, like the tip of a magic wand. or even a ring. try it with low value cards first and don’t break the antenna. good luck!

Yeah you can use acetone to get the chip and antenna out of the card and then resin or cast it into a wand.

But really wouldn’t it be cleaner just to make a plaster cast of an apple watch, and then cast a vinyl or rubber star with the ability to insert said watch later, to make contactless payments with?

edit: apparently this is so common there are etsy shops for them https://www.etsy.com/market/credit_card_wand

Fortunately there are plenty of Zigbee dongles that are compatible with HA, and just as fortunately they will all support Aqara sensors using MQTT with very little effort.

A supermicro 5018A-FNT4 with 16GB RAM. HA takes up about 25%, the rest is influxdb and Grafana.

note that a lot of IR devices now blast a whole bunch of different codes for each button press, so they can control more devices with the same remote.

If you’re capturing from the remote and it seems like the code changes each time, you might need to capture it all and play back one code at a time to work out which one is for your device.

If you have to open it up, then you can at least allow-list IP addresses through your firewall so it’s not everyone who gets full access.

In addition to what others have already posted, I suspect that this might be an attempt to evade spam/phishing filters that are looking for an IP address with a specific regular expression. Having a fake IP address that doesn’t match the traditional ^((25\[0-5]|(2\[0-4]|1\d|\[1-9]|)\d)\\.?\b){4}$ format might let this message slip through.

HK G36-C no?

The year is 2006. A Wordpress vulnerability allows attackers to create admin accounts.

The year is 2016. A Wordpress vulnerability allows attackers to create admin accounts

The year is 2026…

was this today? I also need half an hour or so to get going on a friday.

ah yeah I meant to type “enable”.

thanks - changed

they’re all attack attempts. set up fail2ban, enforce ssh key-based authentication, run it in a non standard port and create firewall allow lists for trusted users, networks or countries if you can. make sure everything is patched frequently.

expect consequences for running onion hidden services - captchas and denied service for that IP address, but also attacks against the hidden service itself.

Tuya devices are super cheap, often sold as massive loss leaders and frequently rebadged as other brands (MOES comes to mind, as well as lots of “iThing” type brands)

It is not surprising at all that lots of folks eschew the mobile app and use HA to control them. Also the Local Tuya integration is difficult to use and often doesn’t work at all.

I made a free forever server and it got deleted after 2 weeks. As part of the server running I scheduled a daily rsync backup to my NAS and provisioned it with terraform so I can build it quickly again.

There’s also this cool Zigbee IR blaster device that can learn the IR codes and then fire them out from HA if you don’t have the stomach for ESPHome.

I bought an LG commercial display, which was roughly double the cost of an equivalent LG TV.

It’s awesome, it has 2x HDMI inputs and no smart features at all. It is supposed to go in video walls (big arrays of tiled TVs) so don’t need all that AI stuff.

Control is via RS232, so I soldered a connector onto an ESP-32 and installed ESPHome on it to control power, volume and screen.

A soundbar isn’t quite right for me, but again I would recommend something with RS232 and use an ESP-32 (if you like hacking) or a commercial rs232 to ethernet adapter (like this) if you don’t.

isn’t it “poppers?” a common party drug that it supposed to be left open in a room and passively inhaled?