Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week you will see there is a lot of reporting around Russian activity. The other key notes are that North Korea and their crypto campaigns continue and the Iranian supply chain attack used to deploy a wiper in Israel is a cause of concern.

In the high-level this week:

• 600k Euro fine under GDPR in France for storing passwords as MD5s without salts - I forgot to cover this last week, but it’s an interesting turn of events and will strike fear in the technical debt laden firms who fall under GDPR

• Combating Cybercrime, with Bryan Smith - Podcast with Bryan Smith, chief of the FBI’s Cybercriminal Section and a 20-year bureau veteran, about the growing threat of cybercrime to both individuals and large corporations.

• US National Defense Authorization Act (NDAA) for Fiscal Year 2023 (FY23) - 965 mentions of cyber, the summary mentio…