Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading).

Operationally this week nothing really of note, usual tempo for the most part although organised crime does continue to be busy. Outside of that Lastpass did a sterling job on their own breach disclosure in terms of transparency. Also how Mailchimp etc. got compromised (phishing) has come to light and the fall out of which continues to be clearer (see below in the reporting under the Okta sections).

In the high-level this week:

• High Court gives green light to Pegasus spyware case in London against Kingdom of Saudi Arabia - The High Court has today ruled the KSA does not have immunity under the State Immunity Act 1978 in relation to a case brought against it by satirist and human rights activist Ghanem Al-Masarir for its alleged use of spyware to infiltrate his mobile phones - fascinating legal judgement and may make states think twice. Well states except China, Iran, Russia and North Kore…