An Ohio IT contractor has pleaded guilty to breaking into his former employer's systems and causing nearly $1 million worth of damage after being fired.

Maxwell Schultz, 35, impersonated another contractor to gain access to the company's network after his credentials were revoked.

Announcing the news, US attorney Nicholas J. Ganjei did not specify the company in question, which is typical in these malicious insider cases, although local media reported it to be Houston-based Waste Management. The Register contacted Waste Management for clarity, but it did not respond.

The US Securities and Exchange Commission (SEC) has abandoned the lawsuit it pursued against SolarWinds and its chief infosec officer for misleading investors about security practices that led to the 2020 SUNBURST attack.

In a joint motion filed Thursday, the SEC along with SolarWinds and its Chief Information Security Officer Timothy G. Brown, asked the court dismiss [PDF] the commission's ongoing civil enforcement action.

The market for server virtualization tools is about to fragment, according to analyst firm Gartner.

“The server virtualization market is facing the most significant disruption in decades,” states the analyst’s October market guide to server virtualization platforms. Broadcom’s acquisition of VMware – and subsequent decision to focus its efforts on a broad public cloud platform – is the reason for the shifting market.

“For many Gartner clients, the aftereffects of VMware’s acquisition by Broadcom represent a turning point in the market for server virtualization,” the market guide states. “Disruption is being driven by customer concerns about increases in the total cost of ownership, the quality of support, and changes to product roadmaps with limited perceived benefit.”

A faulty HP OneAgent update (version 1.2.50.9581) silently deleted Microsoft Entra ID certificates on HP's AI-enabled devices, breaking cloud authentication for affected organizations[^1]. The issue stemmed from a cleanup script in package SP161710 that indiscriminately removed certificates containing "1E" in their identifiers, inadvertently deleting critical MS-Organization-Access certificates needed for Entra ID authentication[^1].

The problem specifically affected HP's Next Gen AI models like the EliteBook X Flip G1i, with the update pushed through HP's AWS IoT backend without proper testing[^1]. While HP has pulled the problematic update, affected devices require manual intervention - either logging in with local admin credentials to rejoin Entra ID or using Microsoft Defender's Live Response for remote fixes[^1][^2].

According to HP, "The update is no longer available and will not affect more AI PCs. We're investigating the issue and working closely with impacted customers on mitigation"[^12].

[^1]: PatchMyPC - HP OneAgent Update Broke Entra Trust on HP AI Devices [^2]: CyberSecurityNews - HP OneAgent Update Brokes Trust And Disconnect Devices From Entra ID [^12]: BleepingComputer - HP pulls update that broke Microsoft Entra ID auth on some AI PCs

I don't usually link to Reddit but damn... Entra leak is a big deal

i need help, i am taking a summer college class for a comptia security+ exam. Does anyone know how to set up group audit policy in windows. i need to do this for a lab. i have attached a image of what i need to do.

I wonder if this new system is why I can't make slack remind me at weird times...

It is always interesting to read about other people's experiences with k8s.

Archive Mirror for those that hate medium: https://archive.is/sQcHH

Off topic:
The amount of 'please login to read the rest of the article' popup blocks is insane now. They must be really trying to make money...

Looks like another Intel specific CPU issue. Be on the lookout for the new microcode updates

i was setting up postmaster on Linux Mint, and i saw that a lot of UDP requests were blocked from one local IP address. I found out the IP belonged to my parents Samsung smart TV. i loaded up wireshark and found out it is sending UDP requests with different port numbers per request. any ideas what is going on, and how i can stop it.

I guess it could be worse...

Hey Sysadmin,

I need some ideas around "IDS/IPS".

• What are people using for passing security audits?
• What about for AWS / Azure?
• Can they cover devices on/off prem (work from home, etc)
• What is a figure that your management team actually approved?

Everytime I have to do something with a dns, subnet, general networking shenanigans. I get really lost. Are there any good books for self learning that won't put me to sleep?

Grabbing a new coffee and enjoying some drama that has absolutely no affect on me what so ever....

cross-posted from: https://reddthat.com/post/138527

Wow Microsoft. You actually suck.

It'd be great if this could be a community for sysadmins of NSFW sites.