To be pedantic, they have a navy, just no large ships in said navy.

How have the “interactive” features been now that there are fewer players? Is it a wasteland, or does the game still randomly place in user generated content from when the game first released?

Pretty stoked for the upcoming Vault Hunters “vanilla” mod.

Definitely second both of these. Cyberpunk 2077 post 2.0 is very solid, with an engaging, 100+ hour story. Similarly, control is a spectacular single player narrative, easily 20-30 hours of mindfuckery and atmospheric storytelling.

That isn’t how defense treaties work.

I thought Taiwan was China? Hard to invade yourself, eh, Xi?

Yeah, no shit, you’re the fucking CEO

Tens of thousands of children, killed or injured. And people wonder how the Palestinians become radicalized against Israel, the West, and the United States, or why there can’t be peace in the Middle East?

Forgiveness is probably the furthest thing from being on their minds.

This is nothing new, other than that Chase has brought this capability in-house. Credit card companies have shared purchase information with second parties forever.

Chase Media Solutions follows from the integration of card-linked marketing platform Figg, which JPMorgan Chase & Co. acquired in 2022

From my understanding, the impetus was that F5 submitted a CVE for a vulnerability, for an optional, “beta” feature that can be enabled. Dounin did not think a CVE should be submitted, since he did not considered it to be “production” feature.

That said, the vulnerability is in shipping code, regardless of whether it is optional or not, so per industry coding practices, it should either be patched or removed entirely in order to resolve the issue.

As a casual gamer, I can’t say this game even remotely reached the zeitgeist in 2024.

Hope they actually have interiors this time.

Interesting, but this article was published 3 years ago.

Two countries that can’t use SWIFT establish a transaction system no one else uses, that isn’t SWIFT. Got it.

Curious to see whether they are able to produce engines in sufficiently large volumes, and, which engines these exports will receive.

Allegedly, the WS-19 entered production earlier this year, but presumably, those are all destined for domestic J-31/35 production, and exports will continue to use the WS-13E.

1. From the title of your article and your executive summary, the premise of your paper is that CVSS is flawed, and CITE is your solution.
2. From the title of your article, and choice of name, “QHE CVSS Alternative; CITE”. CVSS is a VULNERABILITY Scoring System. CITE, as your propose, is a THREAT evaluation tool. You can see how one could have the impression that they were incorrectly being used interchangeably.

As you yourself stated, CVSS does exactly what it says on the box. It provides a singular rating for a software vulnerability, in a vacuum. It does not prescribe to do anything more, and it does a good job doing what it sets out to do (including specifically as an input to other quantitative risk calculations).

Compare what with attack?

Your methodology heavily relies on “the analysis of cybersecurity experts”, and in particular, frequently references “exploit chains”, mappings which are not clearly defined, and appears to rely on the knowledge of the individual practitioner, rather than existing open frameworks. MITRE ATT&CK and CAPEC already provide such a mapping, as well as a list of threat actor groups leveraging tactics, techniques, and procedures (e.g., exploitation of a given CVE). Here’s a good articlewhich maps similarly to how we operate our cybersecurity program.

I think there is a lot on the mark in your article about the issues with cybersecurity today, but again, I believe that your premise that CVSS needs replacing is flawed, and I don’t think you provided a compelling case to demonstrate how/why it is flawed. If anything, I think you would agree that if organizations are exclusively using CVSS scores to prioritize remediation, they’re doing it wrong, and fighting an impossible battle. But this means the organization’s approach is wrong, not CVSS itself.

Your article stands better alone as a proposal for a methodology for quantifying risk and threat to an organization (or society?), rather than as a takedown of CVSS.

You can always reflash it with your own if you hold that concern.

Glancing through your article, while you have correctly assessed the need for risk based prioritization of vulnerability remediation and mitigation, your central premise is flawed.

Vulnerability is not threat— CVSS is a scoring system for individual vulnerabilities, not exploit chains. For that, you’ll want to compare with ATT&CK or the legacy cyber kill chain.

Release date, 06/30/2024. Cease and desist date, 01/01/2024.

.(potksed ym rof) 68x naht rehto gnihtyna no swodniw nur reven ll’I ,epoN

.gnimoc eb lliw sehctap ytrap tsrif on os ,tsixe regnol on erawtfos taht etorw taht seinapmoc eht fo emos ,snur llits ti dna swodniw no (yllacipyt semag ro snigulp noitcudorp cisum rehtie) oga sedaced nettirw erawtfos pu llup yllanoisacco I tub ,krow rof PBM MRA ym htiw yppah yrev m’I