Bluepurple Pulse: week ending April 23rd
Privacy debates appear mostly polarized and need move to a 'slider' of tradeoffs and consequences..
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week you will see there is a lot of reporting. The standout continues to be revelations in the 3CX case where the supply chain attack they enabled was in part caused by another supply chain attack. I’m not sure I agree with the all the headlines about this being the first second order supply chain attack. The first detected? the first publicly reported? maybe..
In the high-level this week:
Eight Chinese Government Officials Charged with Directing Employee of a U.S. Telecommunications Company to Remove Chinese Dissidents from Company's Platform - insider threat from those who can be compelled by the state is real.
Crypto-assets: green light to new rules for tracing transfers in the EU - crypto assets are no longer going to be what cypherpunk’s hoped it would be at least in Europe.
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.