Bluepurple Pulse: week ending December 4th
If you needed proof cyber is complex.
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week it has all been about people playing with OpenAI and ChatGPT on social media. Well not entirely, but a lot. ChatGPT, prompt engineering and the underlying large language models are showing value in likely ways people didn’t envisage in cyber scenarios. Some examples from the fun this week include having it generate post exploitation payloads, having it generate Yara detection rules and finally having it boost reverse engineering productivty. Anyway the fun will subside but we have seen a glimpse of the future.
In the high-level this week:
NSA cyber director talks threats, opportunities - Rob Joyce delivers the wisdom.
Before the Invasion: Hunt Forward Operations in Ukraine - US basically say they knew what was coming so started work early - U.S. joint forces, in close cooperation with the government of Ukraine, conduct…