Home Blog Page 3822

ventura – Use Applescript to set a Music app playlist’s View Choices?

codesanitize
-
0
ventura – Use Applescript to set a Music app playlist’s View Choices?


I wrote an AppleScript that works 95% of the time for me with Catalina.

You may select any playlist as your supply (besides “Songs”) and apply the formatting to any playlist or folder.

Some playlists do not reply; they appear to be corrupted within the Music Library, and the one answer I may discover was to create a brand new playlist with a barely completely different title and duplicate the tracks over.

-- Conform Columns for Apple Music
-- Model 1.0
-- Created by Bret Barker 04/01/2024

-- This script asks for a supply playlist in Apple Music
--      and applys the column settings to chosen playlists (and folders).

-- You may't use a folder or the "Songs" playlist as a supply
--      (they lack the track index column).

-- You may apply adjustments to playlists, folders, and the "Songs" playlist.

-- If a playlist will not conform, there's something mistaken with it within the
--      Music Library database.

-- Resolution: create a brand new playlist (good or dumb) with a barely completely different
--      title and duplicate the tracks to it.


use AppleScript model "2.4" -- Yosemite (10.10) or later
use scripting additions
use framework "Basis"

set prefs_path to POSIX path of (path to preferences) & "com.apple.Music.plist"
set playlist_name_list to {}
set playlist_choose_list to {}
set change_name_list to {}
set playlist_ID_list to {}

set d to "This script copies a playlist’s column formatting to different playlists.
        
First, the Music software must stop and relaunch to save lots of column settings."

attempt
    set dialogAnswer to show dialog d buttons {"Cancel", "Go Forward"} ¬
        default button "Go Forward"
    
    -- restart Music to save lots of column prefs
    if button returned of dialogAnswer is "Go Forward" then
        inform software "Music" to stop
        delay 1
        inform software "Music" to activate
        
        repeat till software "Music" is working
            delay 0.5
        finish repeat
        
    finish if
    
on error quantity -128 -- userCanceledErr
    return
finish attempt


inform software "Music"
    activate
    
    -- get LIB ID
    set library_source to the supply named "Library"
    set lib_ID to my toLowerCase(persistent ID of library_source)
    
    set playlist_list to a reference to each person playlist in library_source
    
    -- construct listing of all playlists, listing of names, and listing of IDs
    repeat with the_playlist in playlist_list
        set playlist_name to call of the_playlist
        set playlist_ID to my toLowerCase(persistent ID of the_playlist)
        
        -- search for folders containing playlists
        set path_list to {}
        set tmp to the_playlist
        
        repeat whereas exists mum or dad of tmp
            set the_playlist_parent to mum or dad of tmp
            set parent_name to call of the_playlist_parent
            set parent_ID to my toLowerCase(persistent ID of the_playlist_parent)
            
            -- save title and ID to listing
            copy {parent_name, parent_ID} to starting of path_list
            set tmp to the_playlist_parent
        finish repeat
        
        -- construct listing of folders and sub-folders
        if path_list ≠ {} then
            set path_string to ""
            
            repeat with x in path_list
                set parent_name to merchandise 1 of x
                set the_ID to merchandise 2 of x
                
                -- base folder
                if path_string = "" then
                    set path_string to parent_name
                else
                    -- subfolders are separated by " > "
                    set path_string to path_string & " > " & parent_name
                finish if
                
                -- copy folders and sub-folders to remaining listing, add colon
                set tmp to (path_string & ":") as textual content
                if tmp will not be in playlist_name_list then
                    copy tmp to finish of playlist_name_list
                    copy the_ID to finish of playlist_ID_list
                finish if
            finish repeat
            
            -- add playlist to folder path
            copy path_string & " > " & playlist_name to finish of playlist_name_list
            copy path_string & " > " & playlist_name to finish of playlist_choose_list
            copy playlist_ID to finish of playlist_ID_list
            
            
            --  ELSE add playlist with out folder
        else
            if playlist_name = "Music" then
                set playlist_name to "Songs"
            else
                -- preserve "Music/Songs" out of supply select listing
                copy playlist_name to finish of playlist_choose_list
            finish if
            
            -- add "Music/Songs" and others to full listing
            copy playlist_name to finish of playlist_name_list
            copy playlist_ID to finish of playlist_ID_list
            
        finish if
    finish repeat
    
    
    -- select the supply playlist
    set the_list to select from listing playlist_choose_list ¬
        with immediate "Which playlist has the proper column format?"
    if the_list is fake then return -- stop if no choice
    
    set source_playlist to merchandise 1 of the_list
    
    -- get ID of supply playlist
    set item_index to my firstIndexOf(source_playlist, playlist_name_list)
    set playlist_ID to merchandise item_index of playlist_ID_list
    
    -- learn settings of supply playlist
    set source_settings to do shell script "defaults learn '" & prefs_path ¬
        & "' '" & "PPr4:LIB:" & lib_ID & ":" & playlist_ID & "' "
    
    -- change view to "as Songs" for goal playlists
    set source_settings to my regexReplace(source_settings, ¬
        "viewModeForPlaylist = d+", "viewModeForPlaylist = 4")
    
    
    -- take away supply playlist from listing of goal playlists
    repeat with tmp in playlist_name_list
        set tmp_playlist to tmp as textual content
        if tmp_playlist ≠ source_playlist then
            copy tmp_playlist to finish of change_name_list
        finish if
    finish repeat
    
    -- select goal playlists to alter
    set target_playlists to select from listing change_name_list ¬
        with immediate "Which playlist(s) to alter?" with a number of alternatives allowed
    if target_playlists is fake then return -- stop if no choice
    
    
    -- stop Music to save lots of adjustments to prefs file
    set d to "The Music software will shut and re-open to use the adjustments."
    attempt
        set dialogAnswer to show dialog d buttons {"Cancel", "Go Forward"} ¬
            default button "Go Forward"
        
    on error quantity -128 -- userCanceledErr
        return
    finish attempt
    
    stop
finish inform

-- anticipate file write
delay 1

-- write chosen settings to the "com.apple.Music.plist" prefs file
--      utilizing IDs of goal playlists
repeat with the_target_name in target_playlists
    -- get index of goal in ID listing
    set item_index to my firstIndexOf(the_target_name, playlist_name_list)
    set playlist_ID to merchandise item_index of playlist_ID_list
    
    -- write prefs
    do shell script "defaults write '" & prefs_path & "' '" & "PPr4:LIB:" & lib_ID & ¬
        ":" & playlist_ID & "' '" & source_settings & "' "
finish repeat

-- anticipate file write
delay 1

-- relaunch Music
inform software "Music" to activate


-- END OF MAIN

-- START OF SUBROUTINES

on toLowerCase(theString)
    return (present software's NSString's stringWithString:theString)'s ¬
        lowercaseString() as textual content
finish toLowerCase


on regexReplace(inputString, searchString, replaceString)
    set nsCurApp to present software
    set nsSourceStr to nsCurApp's NSString's stringWithString:inputString
    set nsSourceStr to (nsSourceStr's stringByReplacingOccurrencesOfString:searchString ¬
        withString:replaceString choices:(nsCurApp's NSRegularExpressionSearch) ¬
        vary:size)
    
    return nsSourceStr as textual content
finish regexReplace


on firstIndexOf(anItem, aList)
    set anArray to present software's NSArray's arrayWithArray:aList
    return (anArray's indexOfObject:anItem) + 1
finish firstIndexOf

-- END OF SUBROUTINES

Malware exploits 5-year-old zero-day to contaminate end-of-life IP cameras

codesanitize
-
0
Malware exploits 5-year-old zero-day to contaminate end-of-life IP cameras


Malware exploits 5-year-old zero-day to contaminate end-of-life IP cameras
Picture: Midjourney

The Corona Mirai-based malware botnet is spreading by means of a 5-year-old distant code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and won’t obtain a patch.

The flaw, found by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 rating: 8.7) concern within the “brightness” operate of the cameras, permitting unauthenticated attackers to inject instructions over the community utilizing specifically crafted requests.

Particularly, the easy-to-exploit flaw lies within the “brightness” argument within the “motion=” parameter of the AVTECH cameras’ firmware, supposed to permit distant changes to the brightness of a digital camera.

The flaw impacts all AVTECH AVM1203 IP cameras operating on firmware variations as much as Fullmg-1023-1007-1011-1009.

As a result of impacted fashions not being supported by the Taiwanese vendor, having reached their finish of life (EoL) in 2019, no patch is on the market to handle CVE-2024-7029, and no fixes are anticipated to be launched.

The U.S. Cybersecurity and Infrastructure Safety Company launched an advisory at first of the month to warn about CVE-2024-7029 and the provision of public exploits, warning that the cameras are nonetheless utilized in business services, monetary companies, healthcare and public well being, and transportation methods.

Proof of idea (PoC) exploits for the actual flaw have been obtainable since no less than 2019, however a CVE was solely assigned this month, and no lively exploitation had been noticed beforehand.

PoC exploit for CVE-2024-7029
PoC exploit for CVE-2024-7029
Supply: Akamai

Exploitation underway

Corona is a Mirai-based variant that has been round since no less than 2020, exploiting numerous vulnerabilities in IoT gadgets to propagate.

Akamai’s SIRT staff reviews that beginning on March 18, 2024, Corona started leveraging CVE-2024-7029 in assaults within the wild, concentrating on AVM1203 cameras nonetheless in service regardless of them having reached EoL 5 years in the past.

The primary lively marketing campaign we noticed started on March 18, 2024, however evaluation confirmed exercise for this variant as early as December 2023. The proof of idea (PoC) for CVE-2024-7029 has been publicly obtainable since no less than February 2019, however it by no means had a correct CVE task till August 2024.

The Corona assaults, as these have been captured in Akamai’s honeypots, exploit CVE-2024-7029 to obtain and execute a JavaScript file, which, in flip, hundreds the first botnet payload onto the gadget.

As soon as nested on the gadget, the malware connects to its command and management (C2) servers and awaits directions on executing distributed denial of service (DDoS) assaults.

Different flaws focused by Corona, based on Akamai’s evaluation, are:

  1. CVE-2017-17215: A vulnerability in Huawei routers that permits distant attackers to execute arbitrary instructions on the affected gadgets by means of the exploitation of improper validation within the UPnP service.
  2. CVE-2014-8361: A distant code execution (RCE) vulnerability in Realtek SDK, which is usually present in client routers. This flaw will be exploited by means of the HTTP service operating on these routers.
  3. Hadoop YARN RCE: Vulnerabilities throughout the Hadoop YARN (But One other Useful resource Negotiator) useful resource administration system, which will be exploited to permit distant code execution on Hadoop clusters.

Customers of AVTECH AVM1203 IP cameras are really helpful to take them offline instantly and substitute them with newer and actively supported fashions.

As IP cameras are generally uncovered to the web, making them engaging targets for menace actors, they need to all the time run the most recent firmware model to make sure identified bugs are mounted. If a tool turns into discontinued, it needs to be changed with newer fashions to proceed receiving safety updates.

Moreover, default credentials needs to be modified to sturdy and distinctive passwords and they need to be separated from crucial or manufacturing networks.

The Energy of Reporting at Cisco Black Belt Academy: Driving Success for Companions

codesanitize
-
0
The Energy of Reporting at Cisco Black Belt Academy: Driving Success for Companions


In a world the place knowledge is the spine of enterprise, turning that knowledge into actionable insights is vital to success. At Cisco Black Belt Academy, our reporting course of performs a important position in enabling Companions and Distributors to make knowledgeable selections, streamline operations, and drive enterprise success. By leveraging a complicated device like PXP and drawing from sturdy knowledge sources, we offer personalized insights which can be each impactful and actionable.

The Worth of Reporting for our Companions and Distributors

The worth of our reporting course of goes far past knowledge presentation — it’s about empowerment, optimization, and strategic decision-making. Right here’s how our reporting provides worth to our Companions:

  1. Focused Coaching Suggestions: One in all our key focuses for the longer term is to refine our reporting course of to higher determine the most effective items of coaching appropriate for our companions and their particular person wants. By analyzing coaching progress and figuring out areas the place Companions are missing of their data buying journey, we are able to suggest focused coaching packages that may assist companions obtain high-value outcomes.
  2. Improved Companion Enablement: For Companions and Distributors, the PxP device gives important insights into particular person participant coaching and certification by structure, focus space, studying tracks and extra. These insights allow companions to watch their progress, determine gaps of their data, and take proactive steps to handle them. By understanding the place they stand and what they should do to enhance, Companions can optimize their enablement methods and obtain higher outcomes.
  3. Particular person Reporting Dashboard and My Studying Abstract: The Particular person Reporting Dashboard and My Studying Abstract in SalesConnect gives beneficial insights to companion people by providing a complete overview of their coaching progress, together with required, accomplished, registered, and in-progress trainings, alongside all acquired certificates and achievements. This platform helps our companion customers to trace their studying journey successfully, visualize progress via status-specific charts, and entry detailed studies to assist their steady improvement and success.
  4. Efficient Resolution Making: The insights supplied by Cisco inside instruments and dashboards are invaluable. These dashboards enable our stakeholders to trace companion efficiency, analyze companion people’ suggestions, determine tendencies, and align their assist efforts with the wants of their Companions. By having a transparent understanding of the place Companions are excelling and the place they want assist, we are able to present extra focused, efficient help. Furthermore, the personalized dashboards additionally provide real-time monitoring of high quality key metrics, enabling us to promptly deal with points, preserve excessive normal content material and foster ongoing enchancment.
  5. Information at your fingertips: The power to entry knowledge in nearly real-time ensures that our Companions are at all times working with the newest data. This immediacy is essential in as we speak’s fast-paced enterprise atmosphere, permitting companions to reply shortly to rising tendencies or challenges and alter their methods accordingly. Companions can discover the Companion Enablement webpage on SalesConnect and entry PXP Enablement Insights as effectively.

The Reporting Course of: Tailor-made Insights for Each Stakeholder

The reporting course of at Cisco Black Belt Academy is rigorously designed to satisfy the various wants of our stakeholders. So, here’s what it takes to get what you want:

  1. Information Extraction: Our journey begins with knowledge. We extract essential data from inside databases — highly effective platforms that home a wealth of knowledge on companion enablement, coaching progress, certifications, achievements, companion people’ suggestions and extra. This knowledge kinds the inspiration of our insights, guaranteeing that the studies we generate are complete, correct, and updated.
  2. Customized Dashboards: As soon as we have now the information, we create personalized studies and dashboards that cater particularly to the wants of our stakeholders. These dashboards aren’t nearly presenting knowledge; they’re about telling a narrative that guides our stakeholders towards strategic actions that drive success.
  3. Sharing Insights: After creating these dashboards, we share the enablement insights with our stakeholders. Companions and Distributors entry these insights by way of the PXP device, the place they’ll monitor participant particulars on the standing of Black Belt trainings and certifications which can be found from the Participant Info Tab beneath the Black Belt insights part inside Enablement, and determine the areas for enchancment. These dashboards allow us to assist our Companions and Distributors extra successfully and align inside methods with exterior wants.

Wanting Forward: The Way forward for Reporting at Cisco Black Belt Academy

As we transfer ahead, our dedication to delivering the absolute best insights to our Companions and Distributors stays unwavering. We’re repeatedly refining our use of inside and exterior instruments to reinforce the depth and accuracy of our insights. Moreover, we’re planning to determine essentially the most impactful coaching packages for our companions by leveraging Synthetic Intelligence and Machine Studying. By analyzing particular person and peer group coaching patterns utilizing AI, together with historic companion pursuits, we purpose to supply personalised coaching suggestions that may improve the educational expertise and drive success for each people and our prospects. By doing so, we purpose to make sure that our companions aren’t solely assembly their coaching necessities but in addition attaining the high-value outcomes that drive their enterprise success.

At Cisco Black Belt Academy, we imagine that reporting is greater than only a course of — it’s a pathway to success. By turning advanced knowledge into clear, actionable insights, we empower our stakeholders to make knowledgeable selections, optimize their methods, and obtain their objectives. With the facility of PXP, we’re poised to proceed delivering the insights that matter most, as we speak and sooner or later.

 

 

 

We’d love to listen to what you suppose. Ask a Query, Remark Beneath, and Keep Related with #CiscoPartners on social!

Cisco Companions Fb  |  @CiscoPartners X/Twitter  |  Cisco Companions LinkedIn

Share:



‘Brainless’ robotic can navigate complicated obstacles

codesanitize
-
0
‘Brainless’ robotic can navigate complicated obstacles


By Matt Shipman

Researchers who created a mushy robotic that might navigate easy mazes with out human or laptop route have now constructed on that work, making a “brainless” mushy robotic that may navigate extra complicated and dynamic environments.

“In our earlier work, we demonstrated that our mushy robotic was capable of twist and switch its manner via a quite simple impediment course,” says Jie Yin, co-corresponding writer of a paper on the work and an affiliate professor of mechanical and aerospace engineering at North Carolina State College. “Nevertheless, it was unable to show except it encountered an impediment. In sensible phrases this meant that the robotic may generally get caught, bouncing backwards and forwards between parallel obstacles.

“We’ve developed a brand new mushy robotic that’s able to turning by itself, permitting it to make its manner via twisty mazes, even negotiating its manner round transferring obstacles. And it’s all executed utilizing bodily intelligence, quite than being guided by a pc.”

Bodily intelligence refers to dynamic objects – like mushy robots – whose habits is ruled by their structural design and the supplies they’re manufactured from, quite than being directed by a pc or human intervention.

As with the sooner model, the brand new mushy robots are manufactured from ribbon-like liquid crystal elastomers. When the robots are positioned on a floor that’s no less than 55 levels Celsius (131 levels Fahrenheit), which is hotter than the ambient air, the portion of the ribbon touching the floor contracts, whereas the portion of the ribbon uncovered to the air doesn’t. This induces a rolling movement; the hotter the floor, the quicker the robotic rolls.

Nevertheless, whereas the earlier model of the mushy robotic had a symmetrical design, the brand new robotic has two distinct halves. One half of the robotic is formed like a twisted ribbon that extends in a straight line, whereas the opposite half is formed like a extra tightly twisted ribbon that additionally twists round itself like a spiral staircase.

This asymmetrical design implies that one finish of the robotic exerts extra power on the bottom than the opposite finish. Consider a plastic cup that has a mouth wider than its base. In case you roll it throughout the desk, it doesn’t roll in a straight line – it makes an arc because it travels throughout the desk. That’s as a consequence of its asymmetrical form.

“The idea behind our new robotic is pretty easy: due to its asymmetrical design, it turns with out having to come back into contact with an object,” says Yao Zhao, first writer of the paper and a postdoctoral researcher at NC State. “So, whereas it nonetheless adjustments instructions when it does come into contact with an object – permitting it to navigate mazes – it can’t get caught between parallel objects. As an alternative, its capacity to maneuver in arcs permits it to basically wiggle its manner free.”

The researchers demonstrated the power of the asymmetrical mushy robotic design to navigate extra complicated mazes – together with mazes with transferring partitions – and match via areas narrower than its physique measurement. The researchers examined the brand new robotic design on each a metallic floor and in sand.

“This work is one other step ahead in serving to us develop modern approaches to mushy robotic design – significantly for purposes the place mushy robots would be capable to harvest warmth power from their surroundings,” Yin says.

The paper, “Bodily Clever Autonomous Delicate Robotic Maze Escaper,” seems within the journal Science Advances. First writer of the paper is Yao Zhao, a postdoctoral researcher at NC State. Hao Su, an affiliate professor of mechanical and aerospace engineering at NC State, is co-corresponding writer. Further co-authors embrace Yaoye Hong, a current Ph.D. graduate of NC State; Yanbin Li, a postdoctoral researcher at NC State; and Fangjie Qi and Haitao Qing, each Ph.D. college students at NC State.

The work was executed with assist from the Nationwide Science Basis below grants 2005374, 2126072, 1944655 and 2026622.



NC Sate College

A Name to Motion for Securing ICS/OT Environments

codesanitize
-
0
A Name to Motion for Securing ICS/OT Environments


Aug 30, 2024The Hacker InformationICS Safety / OT Safety

A Name to Motion for Securing ICS/OT Environments

A complete information authored by Dean Parsons emphasizes the rising want for specialised ICS safety measures within the face of rising cyber threats.

With a staggering 50% improve in ransomware assaults focusing on industrial management programs (ICS) in 2023, the SANS Institute is taking decisive motion by saying the discharge of its important new technique information, “ICS Is the Enterprise: Why Securing ICS/OT Environments Is Enterprise-Important in 2024.” Authored by Dean Parsons, CEO of ICS Protection Power and a SANS Licensed Teacher, this information provides a complete evaluation of the quickly evolving menace panorama and offers important steps that organizations should take to safeguard their operations and guarantee public security. As cyber threats develop in each frequency and class, this information is an indispensable useful resource for securing the very important programs that underpin our world.

Key Insights from the Technique Information:

  1. The Rising Risk Panorama: The information particulars the alarming rise in cyber-attacks towards ICS/OT environments, with a portion being focusing on important infrastructure sectors. “The fact is that these assaults are not a query of if, however when,” says Parsons. “Organizations within the ICS area should acknowledge that their ICS is the enterprise.”
  2. Excessive-Affect, Low-Frequency Assaults: The information highlights the hazards of high-impact, low-frequency (HILF) assaults that may probably trigger catastrophic penalties, equivalent to widespread energy outages and environmental disasters. “These are the assaults that hold safety CSOs, VP of Engineering and others chargeable for ICS cyber protection, security, and danger administration, up at evening,” Parsons notes. “A coordinated focused management system assault could have cascading results throughout industries, areas, or nations.”
  3. 5 ICS Cybersecurity Important Controls: Parsons outlines the SANS 5 important controls mandatory for defending ICS/OT environments, together with ICS-specific incident response and defensible management system community structure. These controls aren’t simply technical suggestions but additionally enterprise imperatives supporting operational continuity and security.
  4. AI as an Augmentation Instrument: The information additionally discusses the position of synthetic intelligence (AI) in enhancing ICS safety whereas cautioning towards over-reliance on AI on the expense of human experience. “AI generally is a highly effective device, but it surely can not substitute the specialised data and decision-making capabilities of skilled ICS/OT

“We can not afford to be complacent,” Parsons warns. “This information is a must-read for anybody chargeable for defending important infrastructure – CSOs, VP Engineering, engineering security, and danger mangers. The steps outlined listed below are important for guaranteeing that our industrial programs proceed to function safely and reliably.”

SANS Institute encourages all organizations with ICS/OT environments to obtain the technique information and start implementing the advisable safety controls. Defending our important infrastructure is not only a technical problem however a business-critical crucial that requires rapid motion.

To obtain the complete technique information, go to https://www.sans.org/mlp/ics-business-guide-2024/.

Considering diving deeper into the world of Industrial Management Methods (ICS) Safety? Try the programs working at SANS Cyber Protection Initiative 2024.

Discovered this text attention-grabbing? This text is a contributed piece from one in all our valued companions. Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.



1...3,8213,8223,823...4,286Page 3,822 of 4,286
© Newspaper WordPress Theme by TagDiv