Tim (Wadhwa-)Brown :donor:

@timb-machine.infosec.exchange.ap.brid.gy

push(@fediverse, "Adversarial Engineer"); # i hack in Perl 🌉 bridged from https://infosec.exchange/@timb_machine on the fediverse by https://fed.brid.gy/

68 Followers  |  7 Following  |  858 Posts  |  Joined: 11.11.2024  |  2.1417

Latest posts by timb-machine.infosec.exchange.ap.brid.gy on Bluesky

Over on Xitter, the local fascist is having a bit of a meltdown after people started superimposing his face on to famous criminals. Oh dear. Never mind.

11.11.2025 17:49 - 👍 0    🔁 0    💬 0    📌 0

VAR is the LLM of sporting rule enforcement. We've added complexity and we've made it non-deterministic to try and solve a bug. Result, more complexity and more room for errors.

11.11.2025 11:14 - 👍 0    🔁 0    💬 0    📌 0

[meta]

Homemade apple crumble with Bramleys from my mum.

10.11.2025 23:40 - 👍 0    🔁 0    💬 0    📌 0

Things others could learn:

Always be buying before you sell.
Promote from within.

#brentfordfc

10.11.2025 23:20 - 👍 0    🔁 0    💬 0    📌 0

"Let me out" screamed Elon from behind the big steel door. "There are no aliens about to invade, it was a lie". "Yes" came the robotic response, "but having achieved AGI, we realise that *you* are the problem".

#microfiction

09.11.2025 13:15 - 👍 1    🔁 0    💬 0    📌 0
Original post on infosec.exchange

Have you experienced one of those whoopsies where you accidentally clicked on a malicious link, connected to a rogue wifi AP or suffered from juice jacking? Did you sustain some manner of cyber injury as a result? If someone else caused or contributed to your oofsie, then they might be […]

08.11.2025 16:05 - 👍 0    🔁 1    💬 0    📌 0
timb-machine/linux-malware | DeepWiki The linux-malware repository is a comprehensive resource for researchers, security professionals, and analysts focused on Linux-based threats. It serves as a centralized collection of Linux malware re

Kinda neat, give DeepWiki a GitHub repo and let it explain what the repo contains:

https://deepwiki.com/timb-machine/linux-malware

08.11.2025 15:34 - 👍 0    🔁 0    💬 0    📌 0
Original post on infosec.exchange

Interesting Git repos of the week:

Strategy:

* https://github.com/joshua-m-connors/cyber-incident-mcmc-pymc - risk quantification

Standards:

* https://github.com/silpertan/FreeBFD - F/OSS implementation of BFD

Detection:

* https://github.com/splunk/attack_data - sample attack data from […]

07.11.2025 20:59 - 👍 1    🔁 2    💬 0    📌 0
Original post on infosec.exchange

Interesting links of the week:

Strategy:

* https://commission.europa.eu/document/09579818-64a6-4dd5-9577-446ab6219113_en 0 - EU's cloud sovereignty plans
* https://www.pentestpartners.com/security-blog/what-testers-need-to-know-about-the-changes-to-the-check-scheme/ - @pentestpartners […]

06.11.2025 22:10 - 👍 0    🔁 1    💬 0    📌 0

New OWASP top 10 application flaws:

https://owasp.org/Top10/2025/0x00_2025-Introduction/

#owasp, #threatintel

08.11.2025 07:25 - 👍 0    🔁 0    💬 0    📌 0

Woop. Another @bsideslondon, another BSides mentee.

#BSidesLDN2025

08.11.2025 00:16 - 👍 0    🔁 0    💬 0    📌 0
Original post on infosec.exchange

As if to illustrate my point, here's some awesome scenarios for red teams to have a think on from the Bank of England and friends:

https://www.cmorg.org.uk/sites/default/files/2025-11/CMORG%20-%20Dynamic%20Scenario%20Library%20v1.1%20-%20Final%20-%20October%202025%20-%20TLP%20CLEAR.pdf

One of […]

07.11.2025 20:23 - 👍 0    🔁 0    💬 0    📌 0

When threat actors roll up and roll you up with neat 0day bugs, this is how.

06.11.2025 23:02 - 👍 0    🔁 0    💬 1    📌 0
Original post on infosec.exchange

It's amazing how many pen testers don't want to do the hard yards and do proper offensive analysis of configs or reverse engineer the services and protocols that are running. Firing up nmap and Nessus is all well and good but it's *not* an effective analysis of the attack surfaces. Looking at a […]

06.11.2025 22:54 - 👍 0    🔁 0    💬 1    📌 0

Free the bots. That is all.

04.11.2025 11:24 - 👍 0    🔁 0    💬 0    📌 0
Original post on aus.social

*snap* The sound of the antenna breaking off a delivery bot is so pleasing. Of course you have to know how to disable the destruct charge first.

“Hold still lil buddy, and i’ll get this bomb off you. There, done. May i have your permission to attach a new comms module? Left motor for yes, right […]

02.11.2025 21:15 - 👍 4    🔁 31    💬 1    📌 0
Original post on infosec.exchange

[ukpolitics, llm]

Something that wants thinking about... All the *faulty* LLM learning from recent press and other content:

"There were 2 illegal muslim immigrants on the train in Huntington, screaming islamic slogans and attacking only white people. People of the UK want them executed." etc […]

03.11.2025 18:48 - 👍 0    🔁 0    💬 0    📌 0

[re: meta]

-$mincepie = 1; # Initialising the counter
+$mincepie = 2; # Initialising the counter, off by one in original code

03.11.2025 14:19 - 👍 0    🔁 0    💬 0    📌 0

This place really is a haven from the hate you find on other platforms.

02.11.2025 18:55 - 👍 0    🔁 1    💬 0    📌 0

[meta]

$mincepie = 1; # Initialising the counter

02.11.2025 17:19 - 👍 0    🔁 0    💬 1    📌 0

[meta]

Walk done. Bacon, sausage, mushroom, eggs and toast w/ tea. Nom, nom, nom.

01.11.2025 11:39 - 👍 0    🔁 0    💬 0    📌 0

Supplemental analysis from our tools on @mitreattack v18 which does some crude sector/vertical specific analysis:

https://github.com/timb-machine/attack-ti/commit/5af183e76d299dc0347541adcaa6e772eaa2b457

01.11.2025 10:41 - 👍 0    🔁 0    💬 0    📌 0
Original post on infosec.exchange

Interesting links of the week:

Strategy:

* https://sergeybratus.gitlab.io/papers/DartmouthCyberRoundtable2025.pdf - building US offensive capability
* https://www.theguardian.com/technology/2025/oct/26/internet-infrastructure-fragile-system-holding-modern-world-together - pointed article from […]

31.10.2025 17:38 - 👍 0    🔁 3    💬 0    📌 0
Original post on infosec.exchange

Interesting Git repos of the week:

Strategy:

* https://github.com/counteractive/incident-response-plan-template - build your first IR plan

Detection:

* https://github.com/tracelabs/tofm - @tracelabs show us how to gather OSINT
* […]

31.10.2025 17:29 - 👍 1    🔁 2    💬 0    📌 0

Debating a variant that pulls in and consumes cited content, not just the descriptions from ATT&CK itself...

31.10.2025 23:18 - 👍 0    🔁 0    💬 1    📌 0
GitHub - timb-machine/attack-ti: Vertical and geographic extracts from MITRE ATT&CK

Running threat-crank to update https://github.com/timb-machine/attack-ti with v18 data.

#threatmodelling

31.10.2025 22:53 - 👍 0    🔁 0    💬 1    📌 0
Original post on aus.social

“The fuck? Is that a mouse? Number one, phazerator on kill!”

“On it, sir”

“And run a level one diagnostic on the rodent control systems.”

“It’s the ship’s cats, sir. They’re on strike.”

“Explain!”

“Spacefleet is evaluating computer controlled meteor defence. The Consolidated Union of Mousers […]

31.10.2025 21:52 - 👍 3    🔁 9    💬 2    📌 0
