Half the school board thinks Keith deserves a third chance (that's right, not his first time making inappropriate comments to a child).

They say only he can decide if he wants to step down. They did vote in favor of censuring him. The rest of the school board members that laughed during the comment and touching of a child faced no repercussion. Some even pretended to be offended during the emergency hearing.

cross-posted from: https://lemmy.world/post/45350334

#Thousands of consumer routers hacked by Russia’s military

##End-of-life routers in homes and small offices hacked in 120 countries.

The Russian military is once again hacking home and small office routers in widespread operations that send unwitting users to sites that harvest passwords and credential tokens for use in espionage campaigns, researchers said Tuesday.

An estimated 18,000 to 40,000 consumer routers, mostly those made by MikroTik and TP-Link, located in 120 countries, were wrangled into infrastructure belonging to APT28, an advanced threat group that’s part of Russia’s military intelligence agency known as the GRU, researchers from Lumen Technologies’ Black Lotus Labs said. The threat group has operated for at least two decades and is behind dozens of high-profile hacks targeting governments worldwide. APT28 is also tracked under names including Pawn Storm, Sofacy Group, Sednit, Tsar Team, Forest Blizzard, and STRONTIUM.

###Technical sophistication, tried-and-true techniques

A small number of routers were used as proxies to connect to a much larger number of other routers belonging to foreign ministries, law enforcement, and government agencies that APT28 wanted to spy on. The group then used its control of routers to change DNS lookups for select websites, including, Microsoft said, domains for the company’s 365 service.

“Known for blending cutting-edge tools such as the large language model (LLM) ‘LAMEHUG’ with proven, longstanding techniques, Forest Blizzard consistently evolves its tactics to stay ahead of defenders,” Black Lotus researchers wrote. “Their previous and current campaigns highlight both their technological sophistication and their willingness to revisit classic attack methods even after public exposure, underscoring the ongoing risk posed by this actor to organizations worldwide.”

To hijack the routers, the attackers exploited older models that hadn’t been patched against known security vulnerabilities. They then changed DNS settings for select domains and used the Dynamic Host Configuration Protocol to propagate them to router-connected workstations. When connected devices visited the selected domains, their connections were proxied through malicious servers before reaching their intended destination.

These adversary-in-the-middle servers used self-signed certificates. When the end user clicked through browser warnings, the servers captured all traffic passing through them. Among other things, they collected OAuth tokens and other credentials set after users, unaware their connections were being tapped, completed multifactor authentication.

The operation began in May 2025 on a limited number of devices. Then, in August, Britain’s National Cyber Security Center released an alert that documented a malware campaign a threat group was using to “intercept and exfiltrate Microsoft Office account credentials and tokens.” The following day, the threat group rapidly stepped up the router hijacking, an activity it continued to ramp up in the coming months.

Over a four-week period starting on December 12, Black Lotus observed more than 290,000 distinct IP addresses sending at least one DNS request to the malicious APT28 DNS resolver. “This suggested that as one capability was disclosed, the actor immediately shifted to another to continue acquiring authentication material,” company researchers wrote.

Black Lotus described the methodology this way:

1. DNS changes were then propagated to the workstations on the adjacent LAN via Dynamic Host Configuration Protocol (DHCP).
2. The actor operated a DNS server to behave like a typical recursive resolver, but when a targeted Fully Qualified Domain Name (FQDN) was queried, it was configured to provide a record back containing its own IP address instead of the correct address. The only interventions were triggered by domains associated with authentication-related services. If any other domain was requested, traffic passed directly through.
3. The actor ran a proxy service as the AitM that the end user was directed to via DNS. The only sign of this attack would be a pop-up warning about connecting to an untrusted source because of the “break and inspect.”
4. If warnings were present and ignored or clicked through, the actor proxied requests to the legitimate services, collecting the data at the midpoint and collecting data associated with the targeted account by passing the valid OAuth token. This allowed the actor to break and inspect traffic and access authentication material such as Oauth tokens after completing the multifactor challenge.

APT28 has a history of hacking routers. In 2018, researchers discovered 500,000 of the devices, mostly located in the US, were infected with malware tracked as VPNFilter. In 2024, the US Justice Department caught the group doing it again.

The easiest way for people to know if their router has been compromised in the operation is to review the current DNS settings to see if they list unrecognized servers. Users should also check event logs for any unrecognized changes to DNS server settings. People should also strongly consider replacing end-of-life routers with ones that receive regular security updates. People should never click through browser alerts warning of untrusted TLS certificates.

– Dan Goodin Senior Security Editor

Here's my beautiful unemployed-for-too-long-have-no-money-dont-care-about-looks lab :)

Hey it's more than good enough to run all this ¯_(ツ)_/¯

Dario Sanchez, 32, shared in interviews with KERA News his perspective on the charges he's facing related to a shooting that occurred outside the Prairieland Detention Center on July 4, 2025. Sanchez was not at the shooting but has been arrested three times in connection.

Related story about another Prairieland defendant: https://www.texasobserver.org/antifa-scare-prairieland-19-trial-ice-detention/

The 19th and final defendant, Lucy Fowlkes, was arrested in January and charged with two counts of hindering prosecution of terrorism. She is alleged to have helped delete messages and remove people from group chats. Prosecutors allege that the deleted messages contained evidence of planning the incident and planning to help Song evade arrest and “by extension, [to] hinder prosecution of terrorism.”

Here is the actual criminal complaint for Lucy Fowlkes: https://prairielanddefendants.com/wp-content/uploads/2026/01/980161192-Lucy-Fowlkes-Criminal-Complaint.pdf

Her messages giving instructions on how to delete messages are used as evidence of her charges.

Here is a relevant excerpt from the arrest warrant affidavit for another Prairieland defendant Janette Goering, written by Johnson County detective William J. Reilly:

1. Kent and Sharp indicated the arrangement to meet at the Murphy’s USA was conducted via signal chats. Signal is an end-to-end encrypted chat commonly used with intent to mitigate digital footprint and have conversations that have the ability to be deleted and unrecoverable. I know based on my training and experience the individuals who utilize end-to-end encrypted chats to be engaged in criminal activity, whether it be a conspiracy to commit a criminal offense or sharing of child sexual abuse material (CSAM).

Here is the actual arrest warrant affidavit for Janette Goering (the quote is from page 7, paragraph 10 of the PDF): https://prairielanddefendants.com/wp-content/uploads/2026/04/Goering/2025-10-21/-/_Search/_Warrant/Affidavit//_J./_Goering/_OCR.pdf

I have a OnePlus5T that runs PostmarketOS (console, no GUI). I use pmbootstrap to flash the image and it serves me well for the most part. To make the internet connection more stable, I wish to connect the phone to the router using an Ethernet adapter.

I have borrowed a Porttonics Ethernet 8in1 adapter and works well on other stock android phones. I can use ethernet nicely and surf sites on those phones

I seem to be unable to do this with Postmarket OS. Based on what i have read, I think the kernel needs to be tweaked so it can connect and work with the router. Does anyone know how to do this?

(This is my second post on this topic. Apologies).

It came with my Logitech C922 webcam.

No idea what this shit is, but if you want it, here you go.

c19d3f86-1e7f-41b9-bbaa-0f940c6ad573

Have you ever found yourself deciding against a game you would otherwise check out because of what game engine it uses?

What it looks like:

Here's an example of such a post: https://sh.itjust.works/post/58082125

They uploaded an image and then included a URL as the body/text.

On Lemmy, it looks like an image post, with a small expando to the right of the title that you can click to show the body:

Why you should stop doing it:

1. It makes high-quality posts look the same as low-quality ones.

I automatically downvote most image/meme submissions and posts with bad/non-descriptive titles for quality control. Linking directly to a source is how you make a high-quality submission. You can include screenshots or quotes in the body of the post.

2. I could start clicking the expando next to the title to check if a source was provided, but there's going to be a user option to block image posts in the next lemmy update (v0.20), so that format is not good since lots of people will start to automatically block them.

3. You can put images in the body of the posts.

Why should anyone care?

Low-quality, easy-to-digest content will dominate and drown out everything else if no one does anything to limit it. It degrades the internet and our brains.

A blog that elaborates:

The Cargo Cult of The Ennui Engine https://medium.com/@max.p.schlienger/the-cargo-cult-of-the-ennui-engine-890c541cebcb

Today's game is some more Ghost of Tsushima. I spent all day today just enjoying the world and exploring. I was reading through my Photography text book and read people's eyes are drawn to brighter colors in pictures, so anyways here's a bright picture (and a not so bright subject matter).

This brings me too my first point. The early stealth kill animations are really brutal. Like, i have a pretty high tolerance too stuff like that but hearing the crunch as Jin stabs the guy is a whole other level.

While i was doing the mission where you save the Blacksmiths too i had this one guy die with his leg up in the air. I hadn't seen something like this in the game so i thought it was funny.

That brings me to my next point about this mission though. I thought it was a bit too long for being in such a small area. It felt like just running around the small space back and forth. It really dragged it out.

I had wanted too finish off the night by getting too the end of Chapter 1, but i hadn't realized it went on so long. I'll have to continue tomorrow because i genuinely ran out of time with how much there seems left to do.

One final subject i wanted too touch on is that this game makes me wish for a Robin Hood game. A lot of the "Tales of Tsushima" Remind me of some of the Robin Hood stories and really make me wish there was a video game version.

I'm sketching the idea of building a NAS in my home, using a USB RAID enclosure (which may eventually turn into a proper NAS enclosure).

I haven't got the enclosure yet but that's not that big of a deal, right now I'm thinking whether to buy HDDs for the storage (currently have none) to setup RAID, but I cannot find good deals on HDDs.

I found on reddit that people were buying high capacity drives for as low as $15/TB, e.g. paying $100 for 10/12TB drives, but nowadays it's just impossible to find drives at a bargain price, thanks to AI datacenters, I guess.

In Europe I've heard of datablocks.dev where you can buy white-label or recertified Seagate disks, sometimes you can find refurbished drives in eBay, but I can't find these bargain deals everyone seemed to have up until last year?

For example, is 134 EUR for a 6TB refurbished Toshiba HDD a good price, considering the price hikes? What price per TB should I be looking for to consider the drives cheap? Where else can I search for these cheap drives?

I'm not a fan of some of the Purple Roman Cancel changes, as they were expensive options that added depth to the game, but this largely looks like a good patch. If your gripe with the game was either Wild Assault or Happy Chaos (and most of us had gripes with Happy Chaos), then tomorrow will be a great time to give the game another go.

It was the man who died. The cause of death is still being investigated, but he was 89 years old.