My fourth podcast episode for Corelight is live. I interview one of our senior leaders to learn how to enjoy a long career in technology and security.
https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362
I was a captain in the United States Air Force who formally trained as an intelligence officer. I later worked in information warfare. I promoted the concept that "prevention eventually fails" in my first book (2004) and developed tactics, operations, and strategy to detect and respond to nation-state and criminal computer intrusions. I wrote about cybersecurity from 2001 to 2021. I created the GE-CIRT and was Mandiant's first CISO. I currently advocate #NetworkSecurityMonitoring for @corelight. My latest books are here #ad https://amzn.to/3B2AcMc
@tg9541 hello, here are my notes: Asus EeeBox PC EB1012 [eeepc], Intel Atom 330 1.6 GHz, 4 GB RAM, 250GB SATA HDD, NVIDIA ION, Gigabit Ethernet, WLAN 802.11 b/g/n
Looks like I posted too soon. Although I completed the install, the box wouldn’t stay operational for long. I think it’s an internal power issue. Time for retirement!
Who else feels compelled to squeeze every last bit of life from old hardware? This is an installation of Debian 13 on an Asus eeepc from 2009. Previously it ran FreeBSD, but after swapping out the ORIGINAL dead HDD for a newer (!) 2018 model, I decided to see how Debian likes this hardware. I also want to see what fwupd can do for any firmware.
Love this post by David showing how Corelight detects this vuln.
RE: https://infosec.exchange/@anyrun_app/115661379834981843
This is off the charts!
Episode 3 of my podcast for Corelight is live. Hear about network security and visibility for cloud workloads with David!
https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362
Houston, we have installed #FreeBSD 15.0-REL with KDE Plasma 6.4.5 on a Lenovo ThinkPad X1 Carbon Gen 6 laptop.
I have come full circle. I used to daily drive FreeBSD 5.x on a Thinkpad a20p in the early 2000s.
Today I used the "technology preview" method for pkg installation, too. I posted this from the laptop, of course!!
Thanks to everyone who made this possible, including the parties who made the script to install KDE with one command. #freebsd15
Episode 2 is live -- check it out! All security content, no filler. My guest is Mark Overholser and we talk about what it's like to work in the Black Hat NOC.
Apple: https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362
Spotify: https://open.spotify.com/show/2L2bkmbxaMxlz46xzhPNAH
YouTube: https://www.youtube.com/playlist?list=PLBKbF72bCp2UtefR6_GhrKATP3tVD7Vev
Heavyweight Linux kernel maintainer and security leader Greg Kroah-Hartman made a compelling case for why Rust is in the kernel. https://m.youtube.com/watch?v=HX0GH-YJbGw
Speaking of coreutils, we have an update today: https://lists.gnu.org/archive/html/info-gnu/2025-11/msg00000.html
I frequently see complaints about C-based coreutils being replaced by Rust-based coreutils. The argument is usually something like "coreutils are battle-tested and have been heavily scrutinized. Why replace them with something that will have bugs?" Today I looked at the bug list for coreutils. Cue the Yikes Monkey meme. https://debbugs.gnu.org/cgi/pkgreport.cgi?pkg=coreutils
I'm hosting a new podcast for @corelight. Check out my first episode with our field CTO, Vince Stoffer. Expect new episodes every two weeks. This is no buddy cop discussion -- max content, minimum banter, in about 15 minutes!
https://open.spotify.com/episode/0SD2gUvIuB65YFmjjtXfTR
https://podcasts.apple.com/us/podcast/corelight-defendrs/id1843154362
https://www.youtube.com/watch?v=IgmZxV2OP9k
@dougburks this is my latest iteration. Ubiquiti networking gear, Net Optics tap, a few small form factor PCs. Small Corelight sensor.
Do you remember the story of the UK-based logistics company that closed due to ransomware and laid off 730 workers?
Today in an article about a warning to UK businesses about cyber incidents, their “director” said they “were throwing £120,000 a year at [cyber-security] with insurance and systems and third-party managed systems.”
That’s the cost of one cyber FTE, and it sounds like they didn’t employ ANY cyber people. This is what I mean by the “security 1%.”
https://taosecurity.blogspot.com/2020/10/security-and-one-percent-thought.html
This company was in the 99%, and intruders put them out of business, despite apparently having $100 million in annual revenue?
I never blame victims of intrusions, but the underinvestment in security is appalling.
Refs: https://www.bbc.com/news/articles/ced61xv967lo and https://www.northantstelegraph.co.uk/news/people/kettering-haulage-company-knights-of-old-group-goes-into-administration-with-730-redundancies-4349040#
I agree with Shelby Foote. He was the author of a massive history of the Civil War and one of the “stars” of Ken Burns’ brilliant documentary.
I just read articles in The Economist saying “Coders need to start thinking like civil engineers.” NO! Civil engineers aren’t being attacked by criminals or nation state actors. Their adversaries are mindless, being forces of nature. Cyber adversaries are intelligent and adaptive.
@dougburks cool, thank you.
@dougburks Doug, did you update in place or reflash? I’m probably going to try upgrading in place even though it’s not “supported.” 😆