Bluepurple Pulse: week ending December 5th
REvil using their ill-gotten gains to support the production of cakes
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Operationally this week nothing of note beyond the usual.
At a high level this week:
The Lloyd's insurance market put out new clauses around Cyber War and Cyber Operations exclusions. It is clear that cyber insurance has some headwinds at the moment and is looking to reduce liability.
We (NCC Group) released earlier in the month an empirical analysis of over seven hundred ransomware negotiations. - “If we look at the price setting and negotiation from the adversaries’ point of view, we see that they wield a massive advantage over their victims.”
The FBI seized $2.3M from an affiliate of the REvil, Gandcrab ransomware gangs - I’m curious if the wallets were located within US borders at point of seizure or was it extrajudicial or judicial seizure overseas? The notes say the wallet is in Dallas now interestingly.
Another week another $120 million DeFi theft, this time from BadgerDAO - this is turning into a bloodbath.…