Interesting links of the week:
Strategy:
* https://www.ofcom.org.uk/siteassets/resources/documents/consultations/7986-cfi-security-resilience/annexes/detica-report.pdf?v=334114 - the start of OFCOM's journey to improve telecomms (from 2013)
* https://www.ncsc.gov.uk/blog-post/cyber-deception-trials-what-weve-learned-so-far - sometimes it's okay for NCSC to be deceptive
* https://arxiv.org/pdf/2512.03641 - modelling adversary decisions
* https://www.ncsc.gov.uk/blog-post/what-makes-a-responsible-cyber-actor - NCSC discuss responsible threat actors
* https://www.interface-eu.org/publications/cyber-red-flags - just what makes an irresponsible threat actor
* https://www.csis.org/analysis/criteria-cyber-situational-awareness - what does situational awareness mean in cyber
* https://www.redteammaturity.com/ - a maturity model for red teams
* https://redteam.guide/ - a handy guide to red team capability
* https://engage.mitre.org/ - if ATT&CK is operational, where do you start with forward planning your operational capability
Standards:
* https://www.rfc-editor.org/rfc/rfc6918.html - deprecating the fun bits of ICMP
Threats:
* https://medium.com/@meeswicky1100/unmasking-a-new-dprk-front-company-dredsoftlabs-bf9ed544d690 - beware of DredSoftLabs, a North Korean enterprise
* https://www.crowdstrike.com/en-us/blog/warp-panda-cloud-threats/ - CrowdStrikes latest missive on naughty pandas
Detection:
* https://api.gcforum.org/api/files/public/upload/c77233d5-139d-4fbd-a1a4-793a6f29916b_STC-report.pdf - spotting spoofed callers
Exploitation:
* https://scrapco.de/ - fun projects from @buherator
* https://bl4ckarch.github.io/posts/PrintSpoofer_from_scratch/ - spoofing the printer
* https://zplin.me/papers/GREBE.pdf - deep dive on Linux kernel bugs and exploitability
* https://faith2dxy.xyz/2025-11-28/extending_race_window_fallocate/ - winning races with the Linux kernel
Hard hacks:
* https://ioninja.com/ - manipulating protocols at the bits and bytes
* https://blog.byteray.co.uk/critical-vulnerabilities-in-rut22gw-industrial-lte-cellular-routers-f4eb8768feb7 - LTE modems go brrrrrrr
* https://mp.weixin.qq.com/s/mfXBJmTuDsE5Y5ufbffkjw?poc_token=HL9bPGmjQcx4HjY2q6nc3pvfsIFWuwnJf-vGJx33 - attacking the Globalstar uplink
Nerd:
* https://oswatcher.github.io/frontend/ - how Windows has changed over time
* https://social.coop/@eb/115646613032814668 - @eb's prompt for F/OSS projects
like this
Extending Kernel Race Windows Using '/dev/shm'
Recently, I came across this kernelCTF submission where the author mentions a novel technique for extending race windows in the Linux kernel: I learned…faith2dxy.xyz