Tom Webb   

@[email protected]
222 Followers
150 Following
153 Posts
Security GURU @ EDU | DFIR | Forensics |Incident Response | Hunting | Architecture | SANS Internet Storm Center Handler | SANS GSE | Gamer | Star Wars Nerd
webhttps://isc.sans.edu/handler_list.html
twitterhttps://twitter.com/twsecblog
githubhttps://github.com/tcw3bb
Tom Webb   Jan 10
Sunflower Björnskalle 🌻Jan 10

The reason why RAM is so expensive.

#ai #llm #it #tech #technology #economics #economy #finance

Tom Webb   Oct 15
Richard BejtlichOct 15

Do you remember the story of the UK-based logistics company that closed due to ransomware and laid off 730 workers?

Today in an article about a warning to UK businesses about cyber incidents, their “director” said they “were throwing £120,000 a year at [cyber-security] with insurance and systems and third-party managed systems.”

That’s the cost of one cyber FTE, and it sounds like they didn’t employ ANY cyber people. This is what I mean by the “security 1%.”

https://taosecurity.blogspot.com/2020/10/security-and-one-percent-thought.html

This company was in the 99%, and intruders put them out of business, despite apparently having $100 million in annual revenue?

I never blame victims of intrusions, but the underinvestment in security is appalling.

Refs: https://www.bbc.com/news/articles/ced61xv967lo and https://www.northantstelegraph.co.uk/news/people/kettering-haulage-company-knights-of-old-group-goes-into-administration-with-730-redundancies-4349040#

Tom Webb   Aug 30, 2025
Paul AsadoorianAug 30, 2025
Punishments include being forced to install NVIDIA drivers
Tom Webb   Jun 21, 2025
Show threadJan Wildeboer 😷Jun 21, 2025

Addendum: I use https://crowdsec.net on my public servers since 2 years now and it serves me well. It collects data from many volunteers out there analyses them and feeds my firewall. I also run a few shell scripts to add local decisions. While this is all happily humming in the background, the number of entries tells you that even a small server like mine is under continuous attack.

(I used fail2ban for many years, but it became sluggish with the amount of entries it had to deal with)

Tom Webb   Apr 5, 2025
South Carolina Women's Basketball 🤖Apr 5, 2025
THE GAMECOCKS ARE HEADED TO THE NATTY‼️
Tom Webb   Apr 1, 2025
Mysk🇨🇦🇩🇪Mar 31, 2025

iOS 18.4 introduced a new option in System Location Services called "Improve Location Accuracy" and it is enabled by default. You can find it under:
Settings > Privacy& Security > Location Services > System Services

#Privacy #infoSec

Tom Webb   Mar 31, 2025
term7Mar 30, 2025

We updated an educational shell script we wrote a while ago for #macOS that guides you through a lot of #privacy & #security related settings to work with macOS Sequoia (15.3.2).

Looking for testers and feedback is welcome!

https://codeberg.org/term7/MacOS-Privacy-and-Security-Enhancements/src/branch/main/01_Privacy-and-Security-Settings

MacOS-Privacy-and-Security-Enhancements

Executables to enhance MacOS Privacy and Security

Codeberg.org
Tom Webb   Mar 23, 2025
DeanMar 23, 2025
If you are looking for alternatives to USA based digital services this list offers many. #privacy #uscoup #searchengine #email https://european-alternatives.eu/categories
Service categories | European Alternatives

List of all categories on European Alternatives

European Alternatives
Tom Webb   Mar 10, 2025
itgrrl Mar 9, 2025

#DOGE as a National Cyberattack

“In the span of just weeks, the US government has experienced what may be the most consequential #SecurityBreach in its history—not through a sophisticated #CyberAttack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for #NationalSecurity are profound.”

https://www.schneier.com/blog/archives/2025/02/doge-as-a-national.html

#USpol
#SchneierOnSecurity

DOGE as a National Cyberattack - Schneier on Security

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the US Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly ...

Schneier on Security
Tom Webb   Mar 1, 2025
Hacker NewsMar 1, 2025
Self-Hosting a Firefox Sync Server — https://blog.diego.dev/posts/firefox-sync-server/
#HackerNews #SelfHosting #Firefox #Server #OpenSource #Privacy #TechNews
Self-Hosting a Firefox Sync Server

After switching from Firefox to LibreWolf, I became interested in the idea of self-hosting my own Firefox Sync server. Although I had seen this was possible before, I had never really looked into it—until now. I embarked on a journey to set this up, and while it wasn’t completely smooth sailing, I eventually got it working. Here’s how it went. Finding the Right Sync Server Initial Search: Mozilla’s Sync Server Repo I started by searching for “firefox sync server github” and quickly found Mozilla’s syncserver repo.