Paul Brears
@paulbrears.bsky.social
Security engineering, Azure and AWS
Reposted by Paul Brears
so @matteowong.bsky.social & I wrote on data centers: arguably the most important buildings in the world & are, in a way, holding the economy hostage. Byzantine financial instruments, private equity, depreciating tech, hype, $trillion valuations. it’s all there. an ai crash prob starts here.
Here’s How the AI Crash Happens
The U.S. is becoming an Nvidia-state.
www.theatlantic.com
October 30, 2025 at 10:25 PM
so @matteowong.bsky.social & I wrote on data centers: arguably the most important buildings in the world & are, in a way, holding the economy hostage. Byzantine financial instruments, private equity, depreciating tech, hype, $trillion valuations. it’s all there. an ai crash prob starts here.
Reposted by Paul Brears
So my daughter is back from Cambridge just for Sunday lunch. She wants a proper roast dinner with roast spuds and Yorkshires. Takes a bit of work on the timing but no problem, we will have a lovely chill time.
I thought. /1
I thought. /1
October 26, 2025 at 3:53 PM
So my daughter is back from Cambridge just for Sunday lunch. She wants a proper roast dinner with roast spuds and Yorkshires. Takes a bit of work on the timing but no problem, we will have a lovely chill time.
I thought. /1
I thought. /1
Reposted by Paul Brears
In Sirotin’s case, the fatal mistake came in the form of two online purchases — a knife, bought with the same email address used to rent the suspicious servers discovered by investigators, and a pair of plane tickets he had bought for his parents
on.ft.com/4hhtmGd
on.ft.com/4hhtmGd
An unlikely couple, a doomed affair and their €64mn ransomware scam
How a mysterious tip-off led investigators to uncover the inner workings of a highly unusual hacking operation
on.ft.com
October 18, 2025 at 9:19 AM
In Sirotin’s case, the fatal mistake came in the form of two online purchases — a knife, bought with the same email address used to rent the suspicious servers discovered by investigators, and a pair of plane tickets he had bought for his parents
on.ft.com/4hhtmGd
on.ft.com/4hhtmGd
Reposted by Paul Brears
Intune now has dedicated security recommendations docs just like Entra 🔥
The Entra security docs are extremely popular, and I love seeing other teams publishing this kind of guidance
Thanks to my collegaue (Josh Gatewood) for pointing this out!
learn.microsoft.com/en-us/intune...
The Entra security docs are extremely popular, and I love seeing other teams publishing this kind of guidance
Thanks to my collegaue (Josh Gatewood) for pointing this out!
learn.microsoft.com/en-us/intune...
October 10, 2025 at 4:49 AM
Intune now has dedicated security recommendations docs just like Entra 🔥
The Entra security docs are extremely popular, and I love seeing other teams publishing this kind of guidance
Thanks to my collegaue (Josh Gatewood) for pointing this out!
learn.microsoft.com/en-us/intune...
The Entra security docs are extremely popular, and I love seeing other teams publishing this kind of guidance
Thanks to my collegaue (Josh Gatewood) for pointing this out!
learn.microsoft.com/en-us/intune...
Reposted by Paul Brears
The real (economic) AI apocalypse is nigh
"So, you're saying a third of the stock market is tied up in seven AI companies that have no way to become profitable and that this is a bubble that's going to burst and take the whole economy with it?"
"Yes"
pluralistic.net/2025/09/27/e...
By Cory Doctorow
"So, you're saying a third of the stock market is tied up in seven AI companies that have no way to become profitable and that this is a bubble that's going to burst and take the whole economy with it?"
"Yes"
pluralistic.net/2025/09/27/e...
By Cory Doctorow
Pluralistic: The real (economic) AI apocalypse is nigh (27 Sep 2025) – Pluralistic: Daily links from Cory Doctorow
pluralistic.net
October 8, 2025 at 6:24 AM
The real (economic) AI apocalypse is nigh
"So, you're saying a third of the stock market is tied up in seven AI companies that have no way to become profitable and that this is a bubble that's going to burst and take the whole economy with it?"
"Yes"
pluralistic.net/2025/09/27/e...
By Cory Doctorow
"So, you're saying a third of the stock market is tied up in seven AI companies that have no way to become profitable and that this is a bubble that's going to burst and take the whole economy with it?"
"Yes"
pluralistic.net/2025/09/27/e...
By Cory Doctorow
Reposted by Paul Brears
Here's what you need to know about the RCE flaw in the Cisco appliance software
Cisco: sec.cloudapps.cisco.com/security/cen...
NCSC: www.ncsc.gov.uk/news/persist...
CISA: www.cisa.gov/news-events/...
One CVE is up at www.cve.org/CVERecord?id...
One is reserved. www.cve.org/CVERecord?id...
Cisco: sec.cloudapps.cisco.com/security/cen...
NCSC: www.ncsc.gov.uk/news/persist...
CISA: www.cisa.gov/news-events/...
One CVE is up at www.cve.org/CVERecord?id...
One is reserved. www.cve.org/CVERecord?id...
Cisco Security Advisory: Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Cod...
A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software,...
sec.cloudapps.cisco.com
September 25, 2025 at 4:55 PM
Here's what you need to know about the RCE flaw in the Cisco appliance software
Cisco: sec.cloudapps.cisco.com/security/cen...
NCSC: www.ncsc.gov.uk/news/persist...
CISA: www.cisa.gov/news-events/...
One CVE is up at www.cve.org/CVERecord?id...
One is reserved. www.cve.org/CVERecord?id...
Cisco: sec.cloudapps.cisco.com/security/cen...
NCSC: www.ncsc.gov.uk/news/persist...
CISA: www.cisa.gov/news-events/...
One CVE is up at www.cve.org/CVERecord?id...
One is reserved. www.cve.org/CVERecord?id...
Reposted by Paul Brears
NEW: A pair of vulnerabilities in Microsoft's Entra ID system could have allowed an attacker to gain access to virtually EVERY Azure account. Fortunately, they were patched before a malicious actor found them. @mattburgess1.bsky.social + @lhn.bsky.social report: www.wired.com/story/micros...
This Microsoft Entra ID Vulnerability Could Have Caused a Digital Catastrophe
A pair of flaws in Microsoft's Entra ID identity and access management system could have allowed an attacker to gain access to virtually all Azure customer accounts.
www.wired.com
September 18, 2025 at 3:14 PM
NEW: A pair of vulnerabilities in Microsoft's Entra ID system could have allowed an attacker to gain access to virtually EVERY Azure account. Fortunately, they were patched before a malicious actor found them. @mattburgess1.bsky.social + @lhn.bsky.social report: www.wired.com/story/micros...
Reposted by Paul Brears
"You acknowledge that planting your feet and pulling in the opposite direction is not a valid negotiating strategy for extending the length of the walk, though admittedly it is often quite effective."
Terms and Conditions for Walks with My Dog
This agreement is between me (“me”) and you (“the dog”) and is designed to govern the rules, policies, and expected behavior on our walks together....
buff.ly
August 31, 2025 at 1:30 PM
"You acknowledge that planting your feet and pulling in the opposite direction is not a valid negotiating strategy for extending the length of the walk, though admittedly it is often quite effective."
Reposted by Paul Brears
Microsoft issued a blog post today on a new hellacious ransomware attack by Storm-0501 that hops from on-prem assets to the cloud and then deletes everything it can, including backups, encrypting everything else. 1/2
www.csoonline.com/article/4046...
www.csoonline.com/article/4046...
Storm-0501 debuts a brutal hybrid ransomware attack chain
Storm-0501 is hijacking privileged accounts, deleting backups, and encrypting cloud data in a new hybrid ransomware campaign. Microsoft urges CISOs to enforce least privilege, drill ransomware playboo...
www.csoonline.com
August 27, 2025 at 6:06 PM
Microsoft issued a blog post today on a new hellacious ransomware attack by Storm-0501 that hops from on-prem assets to the cloud and then deletes everything it can, including backups, encrypting everything else. 1/2
www.csoonline.com/article/4046...
www.csoonline.com/article/4046...
Reposted by Paul Brears
Staggering chart from the FT. Each of Alphabet, Amazon, Microsoft and Meta (MAMA!) are set to spend over $100bn annually on capex by 2030, more than all four combined in 2020. All because of the LLM-triggered AI boom...
on.ft.com/3HwH8Y8
on.ft.com/3HwH8Y8
August 14, 2025 at 6:09 AM
Staggering chart from the FT. Each of Alphabet, Amazon, Microsoft and Meta (MAMA!) are set to spend over $100bn annually on capex by 2030, more than all four combined in 2020. All because of the LLM-triggered AI boom...
on.ft.com/3HwH8Y8
on.ft.com/3HwH8Y8
Reposted by Paul Brears
After much delay, #SharePoint Online finally supports sensitivity labels with user-defined permissions. Might not sound important, but it opens up support for DLP, eDiscovery, and more.
office365itpros.com/2025/08/14/u...
#Microsoft365
office365itpros.com/2025/08/14/u...
#Microsoft365
User-Defined Permissions Sensitivity labels Support in SPO
Finally, Microsoft solved the technical issues that blocked SharePoint Online support for sensitivity labels with user-defined permissions. The feature is GA.
office365itpros.com
August 14, 2025 at 8:34 AM
After much delay, #SharePoint Online finally supports sensitivity labels with user-defined permissions. Might not sound important, but it opens up support for DLP, eDiscovery, and more.
office365itpros.com/2025/08/14/u...
#Microsoft365
office365itpros.com/2025/08/14/u...
#Microsoft365
Reposted by Paul Brears
"For the cover art of my debut novel, I envisioned a foggy background with two shadowy figures grasping for each other but remaining barely out of reach. Instead, the publisher insisted on a pink background with an illustration of a baby giraffe next to a Ferris wheel."
Don’t Judge My Book by Its Cover
Don’t judge my book by its cover. For the cover art of my debut novel, I envisioned a mysterious, foggy background with two shadowy figures graspi...
buff.ly
August 13, 2025 at 3:15 PM
"For the cover art of my debut novel, I envisioned a foggy background with two shadowy figures grasping for each other but remaining barely out of reach. Instead, the publisher insisted on a pink background with an illustration of a baby giraffe next to a Ferris wheel."
Reposted by Paul Brears
The August 2025 update for the Automating #Microsoft365 with #PowerShell eBook is available for subscribers to download. 350+ pages of fun-filled practical examples of how to automate Exchange, SharePoint, Teams, OneDrive, Entra ID, etc.
office365itpros.com/2025/07/28/m...
office365itpros.com/2025/07/28/m...
office365itpros.com
July 28, 2025 at 8:18 AM
The August 2025 update for the Automating #Microsoft365 with #PowerShell eBook is available for subscribers to download. 350+ pages of fun-filled practical examples of how to automate Exchange, SharePoint, Teams, OneDrive, Entra ID, etc.
office365itpros.com/2025/07/28/m...
office365itpros.com/2025/07/28/m...
Reposted by Paul Brears
Worth a watch:
Head of Signal, Meredith Whittaker, on so-called "agentic AI" and the difference between how it's described in the marketing and what access and control it would actually require to work as advertised.
Head of Signal, Meredith Whittaker, on so-called "agentic AI" and the difference between how it's described in the marketing and what access and control it would actually require to work as advertised.
June 26, 2025 at 4:28 PM
Worth a watch:
Head of Signal, Meredith Whittaker, on so-called "agentic AI" and the difference between how it's described in the marketing and what access and control it would actually require to work as advertised.
Head of Signal, Meredith Whittaker, on so-called "agentic AI" and the difference between how it's described in the marketing and what access and control it would actually require to work as advertised.
Reposted by Paul Brears
I have not paid a ton of attention to the uproar over RTO policies, bc we are all in on distributed teams and not going back.
My impression (via social media) has been that these were shadow layoffs.
Last month I asked an investor why they are doing RTO. He said: "Retention, mostly. And morale."
My impression (via social media) has been that these were shadow layoffs.
Last month I asked an investor why they are doing RTO. He said: "Retention, mostly. And morale."
May 26, 2025 at 11:13 PM
I have not paid a ton of attention to the uproar over RTO policies, bc we are all in on distributed teams and not going back.
My impression (via social media) has been that these were shadow layoffs.
Last month I asked an investor why they are doing RTO. He said: "Retention, mostly. And morale."
My impression (via social media) has been that these were shadow layoffs.
Last month I asked an investor why they are doing RTO. He said: "Retention, mostly. And morale."
Reposted by Paul Brears
Because some damn fool asked, here's a thread about Baxter.
This was taken on the day I brought home Baxter and threw away all hope of an easy life.
Look at him. Absolutely irresistible.
And that's how they get you, the utter bastards
This was taken on the day I brought home Baxter and threw away all hope of an easy life.
Look at him. Absolutely irresistible.
And that's how they get you, the utter bastards
November 20, 2024 at 2:48 PM
Because some damn fool asked, here's a thread about Baxter.
This was taken on the day I brought home Baxter and threw away all hope of an easy life.
Look at him. Absolutely irresistible.
And that's how they get you, the utter bastards
This was taken on the day I brought home Baxter and threw away all hope of an easy life.
Look at him. Absolutely irresistible.
And that's how they get you, the utter bastards
Reposted by Paul Brears
I read this as: Harvard was planning to capitulate, then the Trump Administration accidentally sent the letter they meant to save until after Harvard capitulated on the first round of demands. www.nytimes.com/2025/04/18/b...
Trump Officials Blame Mistake for Setting Off Confrontation With Harvard (Gift Article)
An official on the administration’s antisemitism task force told the university that a letter of demands had been sent without authorization.
www.nytimes.com
April 19, 2025 at 2:11 AM
I read this as: Harvard was planning to capitulate, then the Trump Administration accidentally sent the letter they meant to save until after Harvard capitulated on the first round of demands. www.nytimes.com/2025/04/18/b...
Reposted by Paul Brears
So much of cybersecurity is "We must secure the Orphan Crushing Machine so that unauthorized people do not crush the orphans," and not "Why the fuck are you building an Orphan Crushing Machine in the first place?"
April 9, 2025 at 5:02 PM
So much of cybersecurity is "We must secure the Orphan Crushing Machine so that unauthorized people do not crush the orphans," and not "Why the fuck are you building an Orphan Crushing Machine in the first place?"
Reposted by Paul Brears
Biggest commitment to a 3 second joke I've ever seen
April 9, 2025 at 6:33 AM
Biggest commitment to a 3 second joke I've ever seen
Reposted by Paul Brears
The US Needs A New Cybersecurity Strategy: More Offensive Cyber Operations Isn't It
malwaretech.com/2025/03/the-...
malwaretech.com/2025/03/the-...
The US Needs A New Cybersecurity Strategy: More Offensive Cyber Operations Isn't It – MalwareTech
For a long time China has been operating in the grey area between cyber espionage and warfare. The US has been struggling to defend its networks from an onslaught of Chinese hackers, but a proposed in...
malwaretech.com
March 28, 2025 at 5:34 AM
The US Needs A New Cybersecurity Strategy: More Offensive Cyber Operations Isn't It
malwaretech.com/2025/03/the-...
malwaretech.com/2025/03/the-...
Reposted by Paul Brears
Great interview with @jay.bsky.team of Bluesky by @mmasnick.bsky.social about data portability, an exciting apps ecosystem, custom moderation and a heap of other great features. Here's to social media getting better.🥂 www.youtube.com/watch?v=B7Ow...
Bluesky's CEO on the Future of Social Media | SXSW LIVE
YouTube video by SXSW
www.youtube.com
March 12, 2025 at 6:07 AM
Great interview with @jay.bsky.team of Bluesky by @mmasnick.bsky.social about data portability, an exciting apps ecosystem, custom moderation and a heap of other great features. Here's to social media getting better.🥂 www.youtube.com/watch?v=B7Ow...
Reposted by Paul Brears
This (gift link) is scary / depressing on how fear of retaliation by Trump has silenced much of civil society, from business to law to the press to university leadership. Wesleyan president Michael Roth is a lonely profile in courage here, and makes me proud of my family's connection to Wesleyan.
Fearing Retribution, Trump Critics Muzzle Themselves (Gift Article)
People say they are intimidated by online attacks from the president, concerned about harm to their businesses or worried about the safety of their families.
www.nytimes.com
March 7, 2025 at 2:03 AM
This (gift link) is scary / depressing on how fear of retaliation by Trump has silenced much of civil society, from business to law to the press to university leadership. Wesleyan president Michael Roth is a lonely profile in courage here, and makes me proud of my family's connection to Wesleyan.
Reposted by Paul Brears
The March 2025 (update #117) files for the #Office365 for IT Pros eBook are available for current subscribers to download. Information about the update and how to fetch updated files is available in office365itpros.com/2025/03/03/o...
#Microsoft365
#Microsoft365
Office 365 for IT Pros March 2025 Update (#117)
The Office 365 for IT Pros writing team is thrilled to announce that monthly update #117 for March 2025 is now available for subscribers to download.
office365itpros.com
March 3, 2025 at 9:03 AM
The March 2025 (update #117) files for the #Office365 for IT Pros eBook are available for current subscribers to download. Information about the update and how to fetch updated files is available in office365itpros.com/2025/03/03/o...
#Microsoft365
#Microsoft365
Reposted by Paul Brears
"The older that I get, the more I understand that there aren’t a lot of people who are stupid, but there are a lot of people who are incurious, and their incuriosity is understood by people who were curious about something as stupidity." - this is a fantastic piece about AI use but also about life:
March 2, 2025 at 2:09 PM
"The older that I get, the more I understand that there aren’t a lot of people who are stupid, but there are a lot of people who are incurious, and their incuriosity is understood by people who were curious about something as stupidity." - this is a fantastic piece about AI use but also about life: