Bluepurple Pulse: week ending April 30th
SolarWinds was found six months before anyone realized what it was and its extent.
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week, Fortra released the conclusions of their investigation related to their GoAnywhere MFT solution, which led to a global incident. We had PaperCut being exploited at scale by criminal actors. We then have FIN7 targeting Veeam backup servers, plus the usual melee.
In the high-level this week:
Spy chief warns Cabinet of AI disinformation risks - Previous head of GCHQ (Sir Jeremy) - “warned the Cabinet that artificial intelligence (AI) language services such as ChatGPT could become vehicles for disinformation.”
The New Risks ChatGPT Poses to Cybersecurity - related and covered in the Harvard Business Review so the great and the good will now be aware.
UK NCSC warns of emerging threat to critical national infrastructure - reporting based on the week prior - “New alert from NCSC highlights risk to CNI from state-aligned groups –…