Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week we are seeing surges from various ransomware actors. Speaking to some peers in the industry there is a concern that with the Ukraine/Russia situation showing no signs of deescalating we might see a surge of disruptive malicious activity prior to any land invasion.. guess it is wait and see time..

In the high-level this week:

• Microsoft will be blocking Internet originating macros in Microsoft Office on Windows by default - probably one of the most impactful changes a vendor has ever made for security after enabling SSL/TLS by default.

• CISA adds numerous known exploited vulnerabilities to its list

  • Added One - a local Windows privilege escalation vulnerability.

  • Added Fifteen - numerous vulns from 2014 onwards!

• Two Arrested for Alleged Conspiracy to Launder $4.5 Billion in Stolen Cryptocurrency Government Seized $3.6 Billion in Stolen Cryptocurrency Directly Linked to 2016 Hack of Virtual Curr…