Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week nothing overly standout, the tempo remains the same. The mass compromise since November of a vendors backup software when exposed to the Internet which appears to have gone undetected until now is the most interesting (see reporting under ‘Exploitation’).

In the high-level this week:

• Cyber-Attacks Must Be Reported in France to Authorities Within 72-Hours to Benefit from Insurance Coverage from April 24th - Good news but will lead to technical definitions and legal wrangling I suspect.

• Hacks, Bots and Blackmail: How Secret Cyber Mercenaries Disrupt Elections - if true / accurate this is pretty explosive and Israel will likely be held to account for what it is allowing to happen from its shores.

• Russian Businessman Found Guilty in $90 Million Hack-to-Trade Conspiracy - Defendant among five charged in global scheme that u…