braedach.com - Always Learning

braedach.com - Always Learning

Sign in Subscribe

Chinese hackers targeting remote workers

Chinese hackers targeting remote workers

Not the least bit surprised - I see 600 of these a day Chinese hackers targeting remote workers in Australia through Wi-Fi routers, VPNsThe technology of remote workers is being targeted by Chinese hackers to try and infiltrate corporate syste…9NewsRichard Wood "State-sponsored cyber actors have also compromised home

MCP stacks have a 92% exploit probability

MCP stacks have a 92% exploit probability

This is going to be a problem The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. https://venturebeat.com/security/mcp-stacks-have-a-92-exploit-probability-how-10-plugins-became-enterprise Recent research from Pynt quantifies the growing threat in

Asahi - Cybersecurity badly

Asahi - Cybersecurity badly

A case example of cybersecurity done poorly. Wish the article contained more details, so I will have to do some research when I get back to civilization to learn more. Details at bottom of the post are AI generated - saves hours of searching - its also wrong. This is

Windows PsExec Can Be Abused to Execute Malicious Code

Windows PsExec Can Be Abused to Execute Malicious Code

Now this just gives me the shits. There is a standard defense for this in Windows ASR (Attack Surface Reduction) that anybody who has Windows Professional or higher can apply. I know it works because I have tested my pen testing skills this way. How Windows Command-line Utility PsExec Can

Australian Made & Deployed

Australian Made & Deployed

Remember the term "Australia - the clever country", well it looks like the current state of world affairs is spurring our intellectual might into end results. Here is one example and there have been considerably more than one, it just takes - so damn long - to get

Cloudflare's Vibe-SDK

Cloudflare's Vibe-SDK

Yeah baby - on the ever-expanding to-do list Source: GitHub - cloudflare/vibesdk: An open-source vibe coding platform that helps you build your own vibe-coding platform, built entirely on Cloudflare stackAn open-source vibe coding platform that helps you build your own vibe-coding platform, built entirely on Cloudflare stack - GitHub

Proxmox VE - The right way

Proxmox VE - The right way

Here is a brilliant post by Brandon Lee on how to setup Proxmox It is well worth the read How to Run Docker on Proxmox the Right Way (and Avoid Common Mistakes)Learn how to run Docker on Proxmox the right way, avoid common setup mistakes, and optimize networking, storage,

Windows 25H2 - Approaching

Windows 25H2 - Approaching

Apparently, Microsoft are getting ready to deploy the new version If you are already running 24H2, you will see it appear in the Windows Update notifications as a feature enablement update. Installation will not take long due to the way the feature enablement update works and likely will simply require

Quantum sensing can secure Australia’s future

Quantum sensing can secure Australia’s future

Interesting Quantum sensing can secure Australia’s future, today | The StrategistAustralia has world-class quantum talent. But without testbeds, procurement pathways and clear missions, that promise won’t translate into capability. While Australia has clear strengths in quantum computing, it will be a long-term undertaking, though one…The StrategistRajiv Shah So,

Axelera Metis M.2 Max Edge AI module

Axelera Metis M.2 Max Edge AI module

Oh baby, more research required The new Metis M.2 Max also offers a slimmer profile, advanced thermal management features, and additional security capabilities. It is equipped with up to 16 GB of memory, and versions for both a standard operating temperature range (-20°C to +70°C) and an

6 Degrees of Separation

6 Degrees of Separation

Watched this last night with the wife. The beautiful math behind six degrees of separation Really interesting stuff on networks, which is right down my alley. More information here Six degrees of separation is the idea that all people are six or fewer social connections away from each other. As

Jane Goodall - RIP

Jane Goodall - RIP

There goes another remarkable woman. Jane Goodall, who gave chimps their souls back, dead at 91British primatologist Jane Goodall entered the African wilderness at 26 years old without any formal scientific training or university degree. She emerged with research that forever changed how we understood the animal kingdom.ABC NewsMBy

The IP Host heatmap

The IP Host heatmap

I was looking for a heatmap of the amount of IP addresses per country. I had an old one that I dug up somewhere and stuck in my ghost image library. I pull this server up and down quite a bit, but for the moment it can live in Frankfurt,

EDR Freeze - GPO Defense

EDR Freeze - GPO Defense

Okay this may take a while. A discussion with an AI The following post is taken from here: New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma StateA new proof-of-concept tool named EDR-Freeze has been developed, capable of placing Endpoint Detection and Response (EDR) and antivirus solutions into

Broaden the mind

Broaden the mind

No, I don't speak it. Like the song though. This one, interesting. #enoughsaid

Docker - Lightbulb

Docker - Lightbulb

A quick thought 1. When you build your docker network, think about your networks, ie.. backend, frontend, proxy, tunnel etc.. 2. Create these in your basestack (so since my base stack is watchtower, clamAV, fail2ban etc..), I would attach all the above to backend-net but then create the additional networks

GitHub - Its October

GitHub - Its October

Blah, not ready. Too much still to do. I really need to finish my GPO review, updating stacks, cull my projects, get that NAS drive, get a UPS, make the server rack, etc... But I keep finding so much interesting stuff. For the month of October 2025, we are introducing

Hackers using Browser Extensions

Hackers using Browser Extensions

Here we go again Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%\Google\User Data\Default\Preferences (for domain-joined machines) or Secure Preferences (for standalone systems). Synacktiv research indicates that by directly altering these files, attackers can make the browser load

The VPN Enigma

Told you. Want a VPN then your own or replace your router. If you're not technically savvy this is the best option - get one with a VPN server and a client That way you can connect to it, and if required bounce back out via say America

Australian boards not cyber mature

Australian boards not cyber mature

Nothing new here New research showed that cyber investment priorities for the past 12 months neglected third-party vulnerabilities, despite it being the “number one cyber risk for Australian organizations”, it found GCs don’t see their boards as ‘cyber mature’, report findsNew research showed that cyber investment priorities for the

Google Analytics - Firewall

Google Analytics - Firewall

I have been experimenting with this, and are building up some data. Unfortunately the Firewall is blocking this due to privacy so its throwing my numbers out. Need to take a look. Domain Analysis: www.googletagmanager.com Domain overview www.googletagmanager.com is the primary content delivery endpoint for Google

The Passkey Hijack

The Passkey Hijack

What really went down? Is the savior of authentication, the bane of hackers in trouble? A quick post. It's in the link Your passkeys could be vulnerable to attack, and everyone - including you - must actWhen a clickjack attack managed to hijack a passkey authentication ceremony, were

Milei may be in trouble

Milei may be in trouble

There was little time for Milei to feel down on Monday morning. Crisis management was called for after the financial markets reacted negatively to the election defeat, which was unexpected, at least to this extent: the peso moved threateningly towards the upper limit of its range against the dollar as

Immutable operating systems ??

Immutable operating systems ??

What are they? It's far easier to read this post than me rabbiting on. Immutable operating systems are a blessing and a curseThe double-edged sword of the Linux ecosystemXDAAyush Pande Starting with the brass tacks, immutable distributions essentially lock down the core part of your OS. On typical

Study reveals widespread silent keystroke interception

Study reveals widespread silent keystroke interception

Really. What the hell The researchers built a custom web crawler and tested 15,000 websites from across the internet. They discovered that 91 percent of sites used event listeners in some way. While most were used for basic functions like tracking page loads or clicks, a significant portion were