[meta]
Tune, mayo and pasta. Quick and easy and I'll never tire of the taste.
07.03.2026 15:20
๐ 0
๐ 0
๐ฌ 0
๐ 0
[meta]
Tune, mayo and pasta. Quick and easy and I'll never tire of the taste.
Half thinking of proposing a couple of sessions on threat modelling and cyber exercises for @emf... Content is already written and it seems a shame to waste it.
#emfcamp
New leader on my EIC benchmark exam and it's my latest 17 year old T-Level student mentee.
<take temperature="hot">If AI was so great at pen testing, none of the AI would have vulnerabilities.</take>
[meta]
The number of new tabs is inversely proportional to the amount of time spent in online meetings.
[meta]
I participated in under the legal age use of SunOS...
s/q/n/g; # Quick patch to comments on US foreign policy
Tim's observation: in every organisation, there is a gap between enterprise security visibility and what funds the business/brings in customers/turns a profit. Understand your business' application stack and close that gap.
Good news, emails to their MSSP to start the exercise bounce. No TI injects for you then....
We've hit that point in the timeline when our generation start to EOF :(. stealth, FX, christer, roy...
Interesting Git repos of the week:
Strategy:
* https://github.com/jacobdjwilson/awesome-annual-security-reports - all you can eat annual reports, thanks @jacobdjwilson
Detection:
* https://github.com/EFForg/rayhunter - hunting cell site simulators with @eff
Exploitation:
* [โฆ]
Interesting links of the week:
Strategy:
* https://www.enisa.europa.eu/publications/the-enisa-cybersecurity-exercise-methodology - dressing up as a 17 year old or Russian, the EUropean way
* https://storage.pardot.com/898251/1772108192Ii5PhZV6/Annual_Cyber_Security_Research_Report_2025.pdf - [โฆ]
Ethical AI pivot. Providing the compute and data to track, evidence, prosecute wacriminals.
We have always been at war with Meglomania.
#microfiction
Anyone fuzzing Wayland yet?
Interesting Git repos of the week:
Strategy:
* https://github.com/jacobdjwilson/awesome-annual-security-reports - all you can eat annual reports, thanks @jacobdjwilson
Detection:
* https://github.com/EFForg/rayhunter - hunting cell site simulators with @eff
Exploitation:
* [โฆ]
Interesting links of the week:
Strategy:
* https://www.enisa.europa.eu/publications/the-enisa-cybersecurity-exercise-methodology - dressing up as a 17 year old or Russian, the EUropean way
* https://storage.pardot.com/898251/1772108192Ii5PhZV6/Annual_Cyber_Security_Research_Report_2025.pdf - [โฆ]
The window falling starts on Monday. Operation tiny dolls.
[ukpolitics]
How good a leader he'll make for the country, we're still yet to really see but Zac Goldsmith is a politician of our generation. Some of his shit posting has been truely epic.
[ukpolitics]
Another car crash:
https://www.bbc.co.uk/news/articles/cedzv4xen99o
My wife taught SEN for over a decade, the government should be listen to to experts and not trying to cram already disadvantaged kids into mainstream education.
Watching one of our best red teams battle with his own soul cause I'm asking him to focus on artefact creation rather than defense evasion or trade craft.
Like, what kinds of things inhibit these techniques, let's see which ones the customer has in play and how well they are integrated with the [โฆ]
A couple of interesting links on SD-WAN security:
* https://www.mplify.net/wp-content/uploads/MEF_88.pdf - securing application flows in SD-WAN solutions (vendor neutral)
* https://arxiv.org/pdf/1811.04583 - focusses on orchestration, management and control (iterates through all the various [โฆ]
Today's oofness is on us :(:
https://blog.talosintelligence.com/uat-8616-sd-wan/
#threatintel, #sdwan
[meta]
Spoke to 2 of my old Portcullis team today and both are well (in one case 16 years on). There will come a time when I'll hear some sad news but today is not that day.
Got any plans to seize control and create an army from any household IoT today?
LLM thought: Move quickly and delete inbox.
Interesting Git repos of the (last 2) week(s):
Threats:
* https://github.com/AssoEchap/stalkerware-indicators - stalkerware IOCs
* https://github.com/AmnestyTech/investigations - @AmnestyTech investigations
Detection:
* https://github.com/spaceraccoon/vulnerability-spoiler-alert-action - [โฆ]
Seeding a Git repo for the cyber exercise in a few weeks...
What if it turns out we've *all* already been recruited by CIA and we just don't know it yet?
#microfiction
Interesting Git repos of the (last 2) week(s):
Threats:
* https://github.com/AssoEchap/stalkerware-indicators - stalkerware IOCs
* https://github.com/AmnestyTech/investigations - @AmnestyTech investigations
Detection:
* https://github.com/spaceraccoon/vulnerability-spoiler-alert-action - [โฆ]