The reason why RAM is so expensive.
| web | https://isc.sans.edu/handler_list.html |
| twitter | https://twitter.com/twsecblog |
| github | https://github.com/tcw3bb |

Do you remember the story of the UK-based logistics company that closed due to ransomware and laid off 730 workers?
Today in an article about a warning to UK businesses about cyber incidents, their “director” said they “were throwing £120,000 a year at [cyber-security] with insurance and systems and third-party managed systems.”
That’s the cost of one cyber FTE, and it sounds like they didn’t employ ANY cyber people. This is what I mean by the “security 1%.”
https://taosecurity.blogspot.com/2020/10/security-and-one-percent-thought.html
This company was in the 99%, and intruders put them out of business, despite apparently having $100 million in annual revenue?
I never blame victims of intrusions, but the underinvestment in security is appalling.
Refs: https://www.bbc.com/news/articles/ced61xv967lo and https://www.northantstelegraph.co.uk/news/people/kettering-haulage-company-knights-of-old-group-goes-into-administration-with-730-redundancies-4349040#
Addendum: I have used https://crowdsec.net on my public servers for 2 years now and it serves me well. It collects data from many volunteers out there, analyses it and feeds my firewall. I also run a few shell scripts to add local decisions. While this is all happily humming in the background, the number of entries tells you that even a small server like mine is under continuous attack.
(I used fail2ban for many years, but it became sluggish with the number of entries it had to deal with.)
@kompot you could use a tarpit and kick them to a small Docker instance when they crawl something they shouldn’t. https://arstechnica.com/tech-policy/2025/01/ai-haters-build-tarpits-to-trap-and-trick-ai-scrapers-that-ignore-robots-txt/
Also you could just start banning IPs that make so many requests per minute.
#DOGE as a National Cyberattack
“In the span of just weeks, the US government has experienced what may be the most consequential #SecurityBreach in its history—not through a sophisticated #CyberAttack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for #NationalSecurity are profound.”
https://www.schneier.com/blog/archives/2025/02/doge-as-a-national.html
In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the US Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly ...