Interested in attending BlueHat 2026? Registration is closing TODAY and is extremely limited, so please fill out the application to attend here if interested!

https://microsoft.eventsair.com/bluehat2026/reg/Site/Register

Finally got around to uploading my slides for Reflections on trusting Zero Trust (or why I have zero trust in Zero Trust) from BSides London 2021:

https://github.com/timb-machine/presentations/blob/main/Reflections%20on%20Trusting%20Zero%20Trust%20-%20Why%20I%20have%20Zero%20Trust%20in%20Zero%20Trust%20v3.pdf

#engineering, #architecture

Interesting links of the week:

Strategy:

* https://www.marisec.ca/reports/the-wrong-fix-why-the-fccs-router-ban-misses-the-real-threat - an alternate view on prioritising the supply chain
* https://cybertoolkit.service.ncsc.gov.uk/ - so you're a small business and you want to improve your posture?
* https://how.complexsystems.fail/ - courtesy of @russss
* https://eepublicdownloads.blob.core.windows.net/public-cdn-container/clean-documents/Publications/2025/iberian-blackout/Final%20Report%20on%20the%20Grid%20Incident%20in%20Spain%20and%20Portugal%20on%2028%20April%202025.pdf - an Iberian oopsie
* https://www.theregister.com/2026/03/20/jlr_bailout_cmc/ - @theregister shares a point of view on bailing out JLR
* https://www.dni.gov/files/ODNI/documents/assessments/ATA-2026-Unclassified-Report.pdf - US intelligence community's annual threat assessment
* https://cyber.gouv.fr/actualites/nis-2-lanssi-poursuit-et-renforce-sa-dynamique-daccompagnement/ - hot new NIS2 action from ANSSI

Threats:

* https://www.microsoft.com/en-us/security/blog/2026/02/26/threat-modeling-ai-applications/ - how does AI affect STRIDE?
* https://united24media.com/latest-news/russian-spy-devices-found-inside-ukrainian-drone-developers-office-17243 - attack of the drones
* https://www.elastic.co/security-labs/illuminating-voidlink - another look at VoidLink
* https://ctrlaltintel.com/threat%20research/FancyBear/ - FancyBear fucks up
* https://netaskari.substack.com/p/chinas-massive-data-leak-of-military - .cn springs a leak

Detection:

* https://rogolabs.net/Talks/BSides-Galway-Open-Source-Intelligence.pdf - my colleague @jgamblin talks open source intelligence
* https://trustedsec.com/blog/building-a-detection-foundation-part-3-powershell-and-script-logging - @trustedsec look at logging PowerShell
* https://righteousit.com/2026/03/27/linux-forensic-scenario/ - @hal_pomeranz sets us a little challenge

Bugs:

* https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/ - this reminds me of when I first showed @ha888t AIX
* https://itm4n.github.io/cve-2026-20817-wersvc-eop/ - when errors go rogue with @itm4n

Exploitation:

* https://dev.to/numbpill3d/showdev-can-playground-a-local-first-can-bus-analysis-tool-4ap6 - @numbpilled shows how you CAN play with busses
* https://agentseal.org/blog/mcp-server-security-findings - hands up if you have a secure MCP?

Hardening:

* https://gist.github.com/arianvp/5f59f1783e3eaf1a2d4cd8e952bb4acf - enclave backed SSH for OS X from @arianvp

Nerd:

* https://www.theguardian.com/culture/2026/mar/24/punk-masks-walkmans-and-choppers-museum-of-youth-culture-to-open-in-london - eras...
* https://www.data.gov.uk/ - UK specific datasets from HMG
* https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/ - today in Linux daftness
* https://blog.rice.is/post/doom-over-dns/ - everyone's favourite vanity PoC payload comes to DNS

#security, #research

In which I get shout outs from the grsec crew:

https://x.com/spendergrsec/status/2037295088225636706

This piece of work remains one of my high water marks for security research. For all the bugs etc, doing something worthy of a grsec enhancement gives me a big smile.

Cheers @grsecurity folks.

RE: https://mas.to/@sphcow/116204059692143351

This is well worth reading if you are submitting to @44CON - CFP is open (2026 Event 17th-18th September, London, UK)