Ron Brash

In you missed it (I did, I don't know how), Microsoft is aiming to phase out UAC and replace it with a more secure thingie called "Administrative Protection". They're doing this because UAC currently has over 81 bypasses and, for reasons unknown to me, Microsoft decided to scrap UAC in totality and redo the entire thing from the ground up. Why? I have literally no idea. Maybe you stinky nerds can educate me. AP is now in preview mode for Windows Insider builds (testing stuff). Big brain security researchers from Google Project Zero poked it with a stick and discovered eight vulnerabilities that allowed them to bypass AP. Microsoft has since patched it. AP has yet to be deployed to Windows 11 as of this writing. AP on paper, when reading about it, seems like a good idea and seems like it unironically would be a massive security improvement for Windows. However, the new architecture would bamboozle some legacy applications. Making it work with older stuff will require lots of science from Microsoft. Additionally, and maybe I'm being a bit pessimistic, I am concerned Microsoft will vibe code slop their new security module and make it one massive cluster fuck disaster. Please read the research performed by Tirando (can't find his social media profile) and the other nerds at Project Zero. It's interesting. They're all very talented security researchers and make feel like an imbecile. projectzero.google/2026/26/window…

Two drone remotes. Two vendors

@Secure_ICS_OT We also need companies to be hiring vs laying off/downsizing, and changing from "shareholder value focus" to what is integral to the business.

If you are an ICS/OT controls professional I highly recommend taking ICS/OT cybersecurity training. Be it SANS, ISA, or whatever. We need more ICS/OT folks picking up the cybersecurity skills so that people with ICS/OT experience are at the table guiding decisions.

I can't stress enough that folks who are dabbling with AI give this a read and seriously ponder the implications.

@RobTerrin Buying Vanta and compliance tooling makes more sense too, and building integrations into all cloud tools, SOAR and IR. But this... Seems like a hail mary - it's almost like SNOW is having issues getting data to it's existing features. If so, will this solve it..imho, no.

@RobTerrin Feels a bit Microsofty - buy various products, don't execute (or take forever to GTA). It also feels like a bad vision/let's buy to buy - it would make more sense for Cisco to buy, eol a competitor, and build an integrated AM/IDS system + Splunk offering.

This makes about as much sense as a The Container Store buying Trader Joe's

Many confuse a minimum nonviable demo with a product

@GeoffreyHuntley @evilsocket Depends on the country. Canada would hold you liable if something were to come from it (potentially).

@evilsocket just drop it full disclosure style there is no such thing as responsible discourse the responsibility falls on the resolver responsible resolution

Months ago i disclosed 4 distinct vulnerabilities to the TP-Link security team. They asked to wait for disclosure, saying they would publish patches and assign CVEs by the end of November. Guess? It did not happen and they are now not responding to my emails...writeup next week.

The most accurate diagram I’ve seen

@furt_tech After PHP 5, and when it became object orientated - the world changed. But also, we are from God's language land (c) so... We know never trust anything typed or not... So also a reason for us

@shehackspurple The harder question... How do we get people who did write software before, and now are vibing... To care about security? (Actually quality/engineering but I digress)

How do we get people who are now releasing software, who previously did not because they don't have the skill, to care about Security? People who aren't software engineers. How do we reach them? How do we secure them? I need your advice. #appsec #ai youtu.be/Zj1uwsmWuAw?si…

@P4LSEC Probably accurate. Make sure it has solid ventilation and you constantly clean for dust... That's been my secret with even the Korean stuff (LG & Samsung are shite these days too)

My deep freezer from 1987 (38 years!) is finally dying. Just ordered a Chinese replacement, what are the chances it’ll last 10 years?

Fun!

@IceSolst Or if CPE == Fortinet || Avanti

I don’t give a shit about CVEs anymore. It’s more interesting to proactively address whole classes of vulnerabilities at scale, and think of ways to implement controls in an org without disruption. CWE > CVE

@Turbo81 The fascinating bit. We will be slaves to AI, but AI needs power, so we make the power. But AI consumes more power, literally and figuratively.

#Hacking #chihuahua with some BSG in the background

@WarMonitor3 It's more than drones. RF also...

The world will be and is already starting to buy Ukrainian drone tech. The Ukrainians are way ahead of the rest.

@dsnakenbacon @UK_Daniel_Card Yes many of us often are waking up and wanting to quit cyber after feeling like people are too focused on the wrong things, racing head, or not doing what needs to be done... Are not good precursors for a meeting. Try to put some distance in there and good luck.

@UK_Daniel_Card Feeling this today as I'm about to head into a conversation that might ultimately result in my resignation. I wonder if folks that say this stuff have worked in business/technical envs that have gone through years of M&A while trying to support constant change and innovation.

some people think that there's some kind of magic wall between IT / Security & business/people/politics... if you think in silos sure.... but then that's not reality, reality is not neat boxes, IT and Security ARE People & Politics & technology and physics and science and art etc. describing technology as easy is the most ridiculous take ever... that CPU you are using.... just make a new one by hand, its EASY!!! (so you say!)