Just Announced for BSides Luxembourg 2026!
𝗞𝗘𝗬𝗡𝗢𝗧𝗘: 𝗜𝗗𝗘𝗡𝗧𝗜𝗧𝗬 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗝𝗨𝗦𝗧 𝗘𝗫𝗣𝗟𝗢𝗗𝗘𝗗 - Wendy Nather (@wendynather )

As identity ecosystems evolve, some challenges never quite get solved—delegation being one of them. But now, the stakes are higher than ever. With the rapid rise of non-human identities that don’t fit traditional system or application roles, organizations are facing a new layer of complexity. Even if you’re not actively using these “agents” yet, they’re already becoming part of the broader digital environment. The question is no longer if—but how you’ll manage them. It’s time to start making deliberate decisions about identity, access, and control in this expanding landscape.

Wendy Nather ( @wendynather ) is a strategist, research director, and former CISO with over 40 years of experience in IT operations and security. Her expertise includes identity and access management, threat intelligence, risk analysis, and security operations, shaped by leadership roles in financial services, government, and industry research.
📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #IdentityManagement #CyberSecurity #IAM #DigitalIdentity #SecurityLeadership

There's a lot of discourse on Twitter about people using LLMs to solve CTF challenges. I used to write CTF challenges in a past life, so I threw a couple of my hardest ones at it.

We're screwed.

At least with text-file style challenges ("source code provided" etc), Claude Opus solves them quickly. For the "simpler" of the two, it just very quickly ran through the steps to solve it. For the more "ridiculous" challenge, it took a long while, and in fact as I type this it's still burning tokens "verifying" the flag even though it very obviously found the flag and it knows it (it's leetspeak and it identified that and that it's plausible). LLMs are, indeed, still completely unintelligent, because no human would waste time verifying a flag and second-guessing itself when it very obviously is correct. (Also you could just run it...)

But that doesn't matter, because it found it.

The thing is, CTF challenges aren't about inventing the next great invention or having a rare spark of genius. CTF challenges are about learning things by doing. You're supposed to enjoy the process. The whole point of a well-designed CTF challenge is that anyone, given enough time and effort and self-improvement and learning, can solve it. The goal isn't actually to get the flag, otherwise you'd just ask another team for the flag (which is against the rules of course). The goal is to get the flag by yourself. If you ask an LLM to get the flag for you, you aren't doing that.

(Continued)

Hungarian opposition leader Peter Magyar has accused the ruling government of using the Candiru spyware against his TISZA party

https://x.com/magyarpeterMP/status/2037113263238840702

"Switzerland decision sets a precedent,
this is the most powerful element here.

When a neutral country renowned for financial security and data protection concludes that Palantir poses unacceptable sovereignty risks,
that assessment becomes ammunition for every European procurement decision.

(....)

Getting ghosted by Swiss bureaucrats just probably had to sting."

https://youtu.be/R5UMAt0bEzs?si=j7Ri02oE79SU0-Kz

We're (BBC) recruiting a Technical Product Manager to work in a team for which I cover architecture: BBC Media Analytics.

Scope: UK residents, full time
Location: Hybrid (1d/week in London)
Salary: £65-75k (35 hour week)
Closes: 2026-03-18 (apols, I just found out)

The team builds & runs our Media Analytics (logs, stats) service which runs on AWS & processes 10s of billions of data points per day inc. realtime stream telemetry from iPlayer/Sounds.

Shares/Qs welcomed

https://careers.bbc.co.uk/job/Senior-Product-Manager/39701-en_GB

We're Hiring!

We are currently looking for a Penetration Tester
and a Senior Red Teamer. Check out our open positions
and reach out if you think you’d be a great fit.

Here:
https://modzero.com/en/jobs/

A bit spammy, maybe, but not intended to be:

In Germany, a company that makes brooms and other cleaning utensils called Andreas Bürsten @buersten is very active on the #Fediverse. During the many discussions here, they listened to the wishes of our weird and wonderful community. May I present: The "Regenbogen". Clean your house and patio in style. With a statement of inclusion :) (They only ship to Germany and no, I am not getting paid. I just *love* their approach)

https://buersten.de/Saalbesen-400-mm-Regenbogen-PET-Farbmix-Universalstielhalter-mit-Ueberwurfmutter-O-24-mm