If Keir Starmer does resign, history will look back on his reign and scratch its head as to why the hell he was so hated.
On paper, he's probably delivered more to working British people in such a short time than any PM for decades.
After inheriting an absolute mess: NHS waiting lists fallen. Worker's rights improved. Rail operators nationalised. Improved relations with EU and improved UK's global reputation. Removed non-dom tax status. Halved childcare costs. Boosted state pensions. Lowest homicide rate in 50 years. Lifted 550k children out of poverty. Immigration vastly reduced.
We are in the age of billionaire funded misinformation, whose sole purpose is to topple democratically elected leaders, and insert leadership that favours the wealthy elites over the working people. Looks like the game plan is working...
X is so broken. Served a fraudulent crypto AD that goes to a fake Tesla account with an AI generated video of Musk to get people to a crypto stealing site
Anytime you read an insane viewpoint on X that seems like a lot of people are agreeing with (for example, invading a sovereign country can be justified):
Try and search their name on Linkedin or Instagram and see if they’re actually real people.
You will be surprised how much of your worldview is shaped by bots.
The Bybit hack has to be the biggest third party compromise to date. Safe wallet “secures” over 100B in crypto according to their site. They likely could have targeted anyone. Suspect Bybit aren’t the only exchange using their wallet
Haven’t seen this one before.
Illegal streaming sites pushing streams via @github issues on popular repos with hacked accounts. Likely as Google rapidly indexes + GitHub has super high DR
After a 5 year break, I’ve decided to finally try and finish OSCP. The course has changed A LOT since I last tried it. Lots more about AD and pivoting now than before
reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a sufficiently long username will make it accept any password. to fix this you can sha256 the input first.
I endorsed Pres Donald Trump yesterday. Today all day my phone froze, the cursor on my computer started wandering around the desktop, and my wifi continually disconnected. All coincidentally.
This is super cool but I agree with some of the comments. How would this ever exist without the games having already existed? Is the future to train models on different games and AI generates an entirely different game? If so, we’re still going to need game engines for the training data
We @sequoia are thrilled to announce our investment into @DecartAI
Today they’re launching a “warm-up” called Oasis
This is a fully playable version of Minecraft WITH NO GAME ENGINE, it’s purely a video model rendering pixels in real time
Acting as digital detectives, we uncovered the sale of a bypass tool on underground forums. This investigation began when a bad actor tried to test an EDR bypass tool. Read what we learned from there: https://t.co/QiR8jM3zv8
Been back in the gym about a month and it’s funny how you think the gym takes energy but it strangely has the opposite effect of giving more energy. The hardest part about going back is just getting into a routine
Feel the same way but it has its place. Focus on technical TI for enrichment purposes is probably enough for most basic SOCs.
If there’s enough money, hire someone to help build strategic reports: a) helps with exec level reporting b) can be a good advertisement for the SOC (this is your threats, and here’s our capabilities).
Advertising the SOC, IMO, is important. SOCs are a cost, execs need to be reminded why they should continue to exist and not be outsourced. TI can help with this.
In that case, I’d probably look at the newer stuff but making sure we’ve got the people to support it.
Starting with tech:
SOAR
- Introduce a SOAR that has both ticketing and automation capabilities (almost all do). Work to transition all ticketing to the SOAR to save on costs.
- Start with enriching alerts (think TI, host/user info from AD/cloud providers before moving onto straight automation.
- Next, integrate other tools for rapid response (disabling accounts, isolating machines). All of this takes time (think architecture review boards, change control, etc.) Equally costs $$$, engineering costs, project managers.
- Finally, start automating basic alerts to reduce burden on SOC and improve response times.
TI
- Do we have good intel feeds coming in? Are they enriching alerts. Some feeds may cost $. But be careful - introduce TI alerts too quickly and your SOC analysts will pay the price.
- if there’s a TI team, consider introducing a TIP to manage all of the intel. But can be costly.
- Personally, I’d outsource strategic intel unless there’s enough $ to support building a dedicated function.
Alerts
- Bring in pentesters to work alongside the SOC to understand capabilities. Run frequent exercises to identify blind spots, build alerts, etc.
Retainers
- Okay not tech but important to have retainers in place in case things go very wrong. Even if there’s a CIRT function internally, retainers for legally sensitive cases is important.
People
- Invest in bringing in very strong engineers with offensive/defensive background. Those that can work with the analysts to build alerts, write playbooks, and manage the tooling.
- Invest in training for all - good training results in better retention, stronger team, better capabilities. Also, investing in training MAY have a net cost benefit as can offset salary negotiation conversations.
Process
- Run simulation exercises (with external providers) both within the team and wider within the company.
- Dedicate time to building response playbooks.
Fingers are a little tired now 😅