mRr3b00t


Interesting links of the week:

Strategy:

* https://owasp.org/Top10/2025/0x00_2025-Introduction/ - a new OWASP top 10 is born
* https://www.cmorg.org.uk/sites/default/files/2025-11/CMORG%20-%20Dynamic%20Scenario%20Library%20v1.1%20-%20Final%20-%20October%202025%20-%20TLP%20CLEAR.pdf - if the UK HMG risk register tickled your interest, you'll like this
* https://www.ncsc.gov.uk/files/motivating-small-organisations-take-action.pdf - NCSC research paper on resilience for small businesses
* https://ramimac.me/security-vendor-research-sins - on the sins of security research
* https://mr-r3b00t.github.io/soc_chef/tools/kill_chain_tool.html - @UK_Daniel_Card's at it again, this time modelling probability in the attack tree
* https://www.pwc.co.uk/services/crisis-and-resilience/define-your-minimum-viable-company-now-to-survive-next-shock.html - boo! how to avoid a shock

Threats:

* https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/ - commercial grade droid poison
* https://www.zetland.dk/historie/svNwC3c5-aOPVxA4K-224e5 - have you tried turning your bus off and then on again?
* https://this.weekinsecurity.com/thousands-of-north-koreans-have-secretly-infiltrated-us-and-european-companies-as-remote-it-workers/ - the North Koreans have a real work ethic that's second to none
* https://www.nviso.eu/blog/nviso-analyzes-vshell-post-exploitation-tool - a new post-exploitation tool from .cn

Detection:

* https://isovalent.com/blog/post/tetragon-security-standard/ - Tetragon does detection... I keep telling people we bought more than a micro-segmentation tool
* https://tetragon.io/docs/getting-started/execution/ - getting started with Tetragon
* https://isovalent.com/blog/post/mitre-attack-tetragon/ - mapping @mitreattack to Tetragon
* https://deepwiki.com/timb-machine/linux-malware - wiki'ifying the linux-malware project
* https://dti.domaintools.com/inside-the-great-firewall-part-1-the-dump/ - inside the great firewall
* https://medium.com/@cyberengage.org/tracking-lateral-movement-named-pipes-scheduler-services-registry-and-dcom-event-ids-4f4670e70172 - lateral movement in the pipes
* https://cloud.google.com/blog/topics/threat-intelligence/privileged-account-monitoring - check yaw privilege, yells cloud

Bugs:

* https://ssd-disclosure.com/lpe-via-refcount-imbalance-in-the-af_unix-of-ubuntus-kernel/ - another way to smash a socket
* https://aisle.com/blog/cve-2025-10230-the-cvss-100-vulnerability-that-hid-in-samba-for-13-years - fun little SMB bug that may make you WINSe

Exploitation:

* https://sud0ru.ghost.io/yet-another-dcom-object-for-command-execution-part-1/ - abusing DCOM for execution
* https://www.youtube.com/watch?v=Fu3laL5VYdM - @lauriewired talks trusting trust
* https://tonygo.tech/blog/2025/how-to-attack-macos-application-xpc-helpers - attacking OS X XPC

Hard hacks:

* https://www.waveshare.com/wiki/USB-TO-LoRa-xF - messing with LoRa

Nerd:

* https://www.tuhs.org/ - the UNIX heritage society
* https://blogs.perl.org/users/mauke/2025/11/a-polymorphic-quine.html - a quine in Perl
* https://www.5g-vinni.eu/wp-content/uploads/2019/02/5g-vinni_d2.1_annex_a1_norway.pdf - interesting HLD
* https://nickvsnetworking.com/ - this blog from @nickvsnetworking on telecoms is fucking gold

#security, #research


Interesting links of the week:

Strategy:

* https://c4model.com/ - using C4 to model software
* https://www.ncsc.gov.uk/whitepaper/advanced-cryptography - NCSC actively advocating to deprecate ROT13
* https://www.thecvefoundation.org/frequently-asked-questions - more on the CVE foundation
* https://jericho.blog/2025/04/24/cve-the-big-vote-of-no-confidence/ - @attritionorg gives his take on the CVE mess

Detection:

* https://kevintel.com/ - fresh intel for KEV
* https://mr-r3b00t.github.io/soc_chef/tools/timeline_creator.html - @UK_Daniel_Card's latest effort is for creating timelines
* https://th.reat.actor/blog/dhcp-fingerprinting - DHCP fingerprinting from one of my mentees

Bugs:

* https://x.com/gothburz/status/1915755189019017411 - RCE in SAP NetWeaver
* https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt - a nice *old* linker bug in OpenSSH

Exploitation:

* https://grep.app/ - bug hunt at scale
* https://symbol.exchange/grep - reverse engineer at scale
* https://blog.zsec.uk/common-tool-errors-kerberos/ - @zephrfish talks KRB5
* https://sensepost.com/blog/2020/avoiding-detection-via-dhcp-options/ - more on DHCP, courtesy of @RoganDawes

Nerd:

* https://dc4420.org/ - DC4420 is back \o/... thanks @marksteward
* https://new.fedidb.org/ - Fediverse statistics
* https://newsroom.arm.com/blog/evolution-of-arm-architecture-evolution-40-years - hats off for Sophie Wilson 🏳️‍⚧️ and gang

#security, #research

There are too many different social media networks
TOOT TOOT

LDAP Nom Nom (my tool for brute-forcing usernames on Active Directory) is getting nice words in a blog post from @UK_Daniel_Card. Thanks! :-)

https://www.pwndefend.com/2023/03/31/stealthy-active-directory-username-enumeration-with-ldapnomnom/

Stealthy Active Directory Username Enumeration with LDAPNomNom – PwnDefend

TOOT TOOT
Who's going to BSides Cymru in Cardiff this weekend?
The #ESXiArgs mass VMware ransomware attack has notable characteristics: 1) It's automated 2) Apparently no exfiltration 3) No leak site by the group 4) Some repeated bitcoin addresses 5) Re-use of Babuk code (with changes) plus more. Some observations from Intel 471. (Caution! This is a rapidly moving story, and @BleepingComputer has some of the latest developments)
https://intel471.com/blog/an-analysis-of-the-vmware-esxi-ransomware-blitz #infosec
An Analysis of the VMware ESXi Ransomware Blitz

Ransomware groups have targeted VMware’s software before, but this attack was the largest mass attack against ESXi to date.

Intel471
GreyNoise | Exploit Vector Analysis of Emerging ‘ESXiArgs’ Ransomware (a.k.a. Wow do I hate ESXi Threat Intel [right now])

GreyNoise researchers provide context around the mass confusion that is the state of ransomware campaigns against exposed VMWare ESXi hosts and bad attribution takes.