Tim (Wadhwa-)Brown :donor:
@timb-machine.infosec.exchange.ap.brid.gy
push(@fediverse, "Adversarial Engineer"); # i hack in Perl
🌉 bridged from ⁂ https://infosec.exchange/@timb_machine, follow @ap.brid.gy to interact
🌉 bridged from ⁂ https://infosec.exchange/@timb_machine, follow @ap.brid.gy to interact
Pinned
Original post on infosec.exchange
infosec.exchange
Fully accept this will be contentious, but you don't just ignore the nazi bar and hope it goes away by itself.
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]
Sunday thought: Bubble wrap reclamation project.
cc: @jonty
cc: @jonty
February 1, 2026 at 7:26 PM
Sunday thought: Bubble wrap reclamation project.
cc: @jonty
cc: @jonty
February 1, 2026 at 5:48 PM
Reposted by Tim (Wadhwa-)Brown :donor:
We are excited to share that we are beginning work on a new onboarding experiment for #mastodon: Default Server Recommendations.
Our intent for this experiment is to recommend the closest server geographically that is in the correct language during the sign-up flow. We will be running this […]
Our intent for this experiment is to recommend the closest server geographically that is in the correct language during the sign-up flow. We will be running this […]
Original post on mastodon.social
mastodon.social
January 31, 2026 at 12:52 PM
We are excited to share that we are beginning work on a new onboarding experiment for #mastodon: Default Server Recommendations.
Our intent for this experiment is to recommend the closest server geographically that is in the correct language during the sign-up flow. We will be running this […]
Our intent for this experiment is to recommend the closest server geographically that is in the correct language during the sign-up flow. We will be running this […]
PSA: Reflect on your own biases.
February 1, 2026 at 11:54 AM
PSA: Reflect on your own biases.
[meta]
Today's doom scrolling has been paused due to excess Epstein, human rights abuse, Reform, war and AI bots'n'slop on the line.
Today's doom scrolling has been paused due to excess Epstein, human rights abuse, Reform, war and AI bots'n'slop on the line.
January 31, 2026 at 9:10 PM
[meta]
Today's doom scrolling has been paused due to excess Epstein, human rights abuse, Reform, war and AI bots'n'slop on the line.
Today's doom scrolling has been paused due to excess Epstein, human rights abuse, Reform, war and AI bots'n'slop on the line.
Reposted by Tim (Wadhwa-)Brown :donor:
Interesting links of the week:
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Original post on infosec.exchange
infosec.exchange
January 30, 2026 at 1:50 PM
Interesting links of the week:
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
[meta]
Felt hungry, ate last night's chicken curry.
Felt hungry, ate last night's chicken curry.
January 31, 2026 at 8:50 AM
[meta]
Felt hungry, ate last night's chicken curry.
Felt hungry, ate last night's chicken curry.
Reposted by Tim (Wadhwa-)Brown :donor:
Threats:
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
Original post on infosec.exchange
infosec.exchange
January 30, 2026 at 6:25 PM
Threats:
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
It's funny, I'm not religious but I still think we could all do with being a bit more like Jesus. He fed the poor, didn't discriminate based on where you came from, enjoyed alcohol and mind altering drugs and left people with such a good opinion that they wrote books about him. Son of god, LOL […]
Original post on infosec.exchange
infosec.exchange
January 31, 2026 at 7:28 AM
It's funny, I'm not religious but I still think we could all do with being a bit more like Jesus. He fed the poor, didn't discriminate based on where you came from, enjoyed alcohol and mind altering drugs and left people with such a good opinion that they wrote books about him. Son of god, LOL […]
Reposted by Tim (Wadhwa-)Brown :donor:
I wonder if the reason we haven't had any of God's representatives in a while is, well, if you invented humans, would you still be bothering to invest time in the project? Imagine when you meet your peer Gods at conferences, must be dead embarrassing.
#microfiction
#microfiction
December 28, 2025 at 6:27 PM
I wonder if the reason we haven't had any of God's representatives in a while is, well, if you invented humans, would you still be bothering to invest time in the project? Imagine when you meet your peer Gods at conferences, must be dead embarrassing.
#microfiction
#microfiction
Kinda feels like the new(ish) CISA head may not fully understand their brief.
January 30, 2026 at 7:41 PM
Kinda feels like the new(ish) CISA head may not fully understand their brief.
Threats:
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
Original post on infosec.exchange
infosec.exchange
January 30, 2026 at 6:25 PM
Threats:
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
* https://github.com/unicodeveloper/globalthreatmap - the history of conflict mapped with analysis on it affects modern threats
* https://github.com/narimangharib/starlink-iran-gps-spoofing - analysis of .ir tampering with Starlink
Detection:
* https://github.com/MHaggis/ADTrapper - […]
Interesting links of the week:
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Original post on infosec.exchange
infosec.exchange
January 30, 2026 at 1:50 PM
Interesting links of the week:
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
Strategy:
* https://www-tokio--dr-jp.translate.goog/thinktank/acd/acd-007.html - active defense in .jp
* https://www.cambridge.org/core/books/securing-democracies/stacking-up-for-resilience/EB2072FAE9F97CF41B568B1C4AAFC190 - building digital resilience ala India […]
[meta]
Old, old friend just posted in Slack and I had 3 beers just catching up on the last decade.
Old, old friend just posted in Slack and I had 3 beers just catching up on the last decade.
January 29, 2026 at 6:36 PM
[meta]
Old, old friend just posted in Slack and I had 3 beers just catching up on the last decade.
Old, old friend just posted in Slack and I had 3 beers just catching up on the last decade.
This year's FortiCTF is shaping up to be wild.
January 28, 2026 at 9:22 PM
This year's FortiCTF is shaping up to be wild.
RE: https://mstdn.social/@TalosSecurity/115973493366418229
Nice to do something with Yuri, my old sparring partner from the Portcullis days. Not the most depthy discussion of encryption you'll ever hear, but a few funny war stories from the trenches.
Nice to do something with Yuri, my old sparring partner from the Portcullis days. Not the most depthy discussion of encryption you'll ever hear, but a few funny war stories from the trenches.
mstdn.social
January 28, 2026 at 8:19 PM
RE: https://mstdn.social/@TalosSecurity/115973493366418229
Nice to do something with Yuri, my old sparring partner from the Portcullis days. Not the most depthy discussion of encryption you'll ever hear, but a few funny war stories from the trenches.
Nice to do something with Yuri, my old sparring partner from the Portcullis days. Not the most depthy discussion of encryption you'll ever hear, but a few funny war stories from the trenches.
Outlook cloudy with Fortinet as SSO-yikes rains down:
https://fortiguard.fortinet.com/psirt/FG-IR-26-060
#threatintel, #forticloud
https://fortiguard.fortinet.com/psirt/FG-IR-26-060
#threatintel, #forticloud
PSIRT | FortiGuard Labs
None
fortiguard.fortinet.com
January 28, 2026 at 7:16 PM
Outlook cloudy with Fortinet as SSO-yikes rains down:
https://fortiguard.fortinet.com/psirt/FG-IR-26-060
#threatintel, #forticloud
https://fortiguard.fortinet.com/psirt/FG-IR-26-060
#threatintel, #forticloud
January 28, 2026 at 2:11 PM
Quick hack to take a platform, extract the relevant techniques, pull out the relevant log sources and then map each log source to the technique and tactics it covers:
https://gist.github.com/timb-machine/44ba1cfe0e6057e0fc064ff601a75d95
#detection, #engineering
https://gist.github.com/timb-machine/44ba1cfe0e6057e0fc064ff601a75d95
#detection, #engineering
dump-detections.py
dump-detections.py. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com
January 28, 2026 at 2:08 PM
Quick hack to take a platform, extract the relevant techniques, pull out the relevant log sources and then map each log source to the technique and tactics it covers:
https://gist.github.com/timb-machine/44ba1cfe0e6057e0fc064ff601a75d95
#detection, #engineering
https://gist.github.com/timb-machine/44ba1cfe0e6057e0fc064ff601a75d95
#detection, #engineering
When people at work talk about the best bus and all you can think is "umm, no":
https://en.wikipedia.org/wiki/London_Buses_route_65
https://en.wikipedia.org/wiki/London_Buses_route_65
London Buses route 65 - Wikipedia
en.wikipedia.org
January 28, 2026 at 1:52 PM
When people at work talk about the best bus and all you can think is "umm, no":
https://en.wikipedia.org/wiki/London_Buses_route_65
https://en.wikipedia.org/wiki/London_Buses_route_65
Someone posted a "PoC" of the telnet bug and well, their proof of root is cat'ing /etc/passwd 😆
January 28, 2026 at 8:44 AM
Someone posted a "PoC" of the telnet bug and well, their proof of root is cat'ing /etc/passwd 😆
Ah yes, let's let an LLM operate your desktop on your behalf, that seems like a *top* idea.
January 26, 2026 at 11:12 PM
Ah yes, let's let an LLM operate your desktop on your behalf, that seems like a *top* idea.
Kicked off a new responsibility today with a non-profit with an interest in cyber security research. Been involved for a while but I've taken one of the "chair"-roles. First actions, put a bit more structure around the topics we work on, so that we look at both tactical and strategic problems […]
Original post on infosec.exchange
infosec.exchange
January 26, 2026 at 8:17 PM
Kicked off a new responsibility today with a non-profit with an interest in cyber security research. Been involved for a while but I've taken one of the "chair"-roles. First actions, put a bit more structure around the topics we work on, so that we look at both tactical and strategic problems […]
Fully accept this will be contentious, but you don't just ignore the nazi bar and hope it goes away by itself.
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]
Original post on infosec.exchange
infosec.exchange
January 24, 2026 at 10:48 PM
Fully accept this will be contentious, but you don't just ignore the nazi bar and hope it goes away by itself.
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]
Make it uncomfortable for patrons by calling out shitty views, keep an eye on those from your community who support it and let people know there are better, healthier, more friendly […]