Interesting links of the week:
Strategy:
* https://www.marisec.ca/reports/the-wrong-fix-why-the-fccs-router-ban-misses-the-real-threat - an alternate view on prioritising the supply chain
* https://cybertoolkit.service.ncsc.gov.uk/ - so you're a small business and you want to improve your posture?
* https://how.complexsystems.fail/ - courtesy of @russss
* https://eepublicdownloads.blob.core.windows.net/public-cdn-container/clean-documents/Publications/2025/iberian-blackout/Final%20Report%20on%20the%20Grid%20Incident%20in%20Spain%20and%20Portugal%20on%2028%20April%202025.pdf - an Iberian oopsie
* https://www.theregister.com/2026/03/20/jlr_bailout_cmc/ - @theregister shares a point of view on bailing out JLR
* https://www.dni.gov/files/ODNI/documents/assessments/ATA-2026-Unclassified-Report.pdf - US intelligence community's annual threat assessment
* https://cyber.gouv.fr/actualites/nis-2-lanssi-poursuit-et-renforce-sa-dynamique-daccompagnement/ - hot new NIS2 action from ANSSI
Threats:
* https://www.microsoft.com/en-us/security/blog/2026/02/26/threat-modeling-ai-applications/ - how does AI affect STRIDE?
* https://united24media.com/latest-news/russian-spy-devices-found-inside-ukrainian-drone-developers-office-17243 - attack of the drones
* https://www.elastic.co/security-labs/illuminating-voidlink - another look at VoidLink
* https://ctrlaltintel.com/threat%20research/FancyBear/ - FancyBear fucks up
* https://netaskari.substack.com/p/chinas-massive-data-leak-of-military - .cn springs a leak
Detection:
* https://rogolabs.net/Talks/BSides-Galway-Open-Source-Intelligence.pdf - my colleague @jgamblin talks open source intelligence
* https://trustedsec.com/blog/building-a-detection-foundation-part-3-powershell-and-script-logging - @trustedsec look at logging PowerShell
* https://righteousit.com/2026/03/27/linux-forensic-scenario/ - @hal_pomeranz sets us a little challenge
Bugs:
* https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/ - this reminds me of when I first showed @ha888t AIX
* https://itm4n.github.io/cve-2026-20817-wersvc-eop/ - when errors go rogue with @itm4n
Exploitation:
* https://dev.to/numbpill3d/showdev-can-playground-a-local-first-can-bus-analysis-tool-4ap6 - @numbpilled shows how you CAN play with busses
* https://agentseal.org/blog/mcp-server-security-findings - hands up if you have a secure MCP?
Hardening:
* https://gist.github.com/arianvp/5f59f1783e3eaf1a2d4cd8e952bb4acf - enclave backed SSH for OS X from @arianvp
Nerd:
* https://www.theguardian.com/culture/2026/mar/24/punk-masks-walkmans-and-choppers-museum-of-youth-culture-to-open-in-london - eras...
* https://www.data.gov.uk/ - UK specific datasets from HMG
* https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/ - today in Linux daftness
* https://blog.rice.is/post/doom-over-dns/ - everyone's favourite vanity PoC payload comes to DNS
