Ham and Rosemary White Bean Soup

This easy and quick soup is perfect for cool fall evenings. Ready in less than 30 minutes and never breaking the bank! Serve with a rustic loaf or alongside Roasted Chicken Thighs.

Ingredients

6 Cans Cannellini Beans
1 Lg Onion, minced
4 Garlic Cloves, minced
1/2lb Thick-cut Bacon, chopped
4 C Chicken Stock
1 T Rosemary
1/2 T Thyme
1/4 T Aleppo Pepper Flake

Steps

If serving with roasted thighs, start them before continuing.
In a blender, blitz two cans of cannellini beans. Drain the other four.
In a large heavy bottomed pot, render bacon fat over medium heat.
Once bacon is cooked, add onions and saute until translucent.
Add garlic, cook until fragrant.
Add blitz cannellini beans, stock, whole beans, rosemary, thyme, pepper flake, and salt and pepper.
Cover, bring to a boil. Reduce heat, uncover and simmer 15 minutes.
If serving, place oiled and salted bread under broiler, set timer for 3 minutes and check often.
Serve along side a rustic loaf for a full meal, or as a compliment to roasted chicken thighs.

LibWebP (CVE-2023-4863)

Here is a non-exhaustive list of possible mitigations to prevent the exploitation of CVE 2023-4863 in the LibWebP library. This library has a heap buffer overflow available across all operating systems, most browsers, an exceptional number of Electron framework applications. This CVE is rated a 10 after previously being rated 8.8. This was due to an original disclosure from Google stating that Chrome was the only effected application. After investigation, it was discovered that all instances of the LibWebP library were vulnerable across all platforms. A similar CVE ( 2023-5217 ) is pending analysis for the VP8 webstream video format (a sister library to libwep.) As working proof-of-concepts are generally available to the public and Google and Apple both acknowledge threat actors and spyware vendors making use of the vulnerability, it is essential that you begin reviewing and patching all business critical applications. Patch Browsers, All of them All major and minor browsers acr

Show And Tell

Once a week, our security team gathers everyone into a meeting and shares the last week’s worth of security related news and any new security initiatives. This one hour may be the most valuable meeting we attend and has the greatest impact on successful security outcomes. What is it? We call ours a Security Show & Tell. (You can call it whatever fun and exciting name fits your corporate culture.) Regardless of the name, the goal is to set aside an hour each week to share three kinds of security stories and our response to them. Stories that are in the news. Stories that impact our work. Stories that impact our lives. Author’s Note: There’s some helpful tips below on how to gather these stories. Why you should do it There’s a lot of great reasons to do this, but I want to drive home a few really important ones. How many times has this happened to you? You wake up, open infosec.exchange , and begin scrolling only to find out that $Vendor has a nasty zero-day and organiza

HEAR Model

Photo by Oladimeji Ajegbile from Pexels This method of Bible study was handed down to me in 2008 at The University of Tennessee Chattanooga’s Baptist Collegiate Ministries (UTC-BCM). At the time Robbie Gallaty was leading Brainerd Baptist and had an intense focus on discipleship and relationship in the church family. His dedication to discipleship led to a resurgence of strong Godly men and families leading small groups in the community. Gus Hernandez was a mentee of Gallaty and passed the model down to the college group of which many BCM members were joint attendees of Brainerd. This model has been modified slightly by the 7 Questions model introduced to me by Jonathan Dixon, a mentor in both faith and career during my time at BlueCross BlueShield of TN. HEAR Model Highlight Explain Apply Respond The HEAR model is a technique used to rapidly assess the content, intent, and application of textual works. While it is useful for any context, this will specifically deal wi

All Good Men

Search This Blog