Bluepurple Pulse: week ending February 13th
How close are we to World War III?
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Operationally this week we are seeing surges from various ransomware actors. Speaking to some peers in the industry there is a concern that with the Ukraine/Russia situation showing no signs of deescalating we might see a surge of disruptive malicious activity prior to any land invasion.. guess it is wait and see time..
In the high-level this week:
Microsoft will be blocking Internet originating macros in Microsoft Office on Windows by default - probably one of the most impactful changes a vendor has ever made for security after enabling SSL/TLS by default.
CISA adds numerous known exploited vulnerabilities to its list
Added One - a local Windows privilege escalation vulnerability.
Added Fifteen - numerous vulns from 2014 onwards!
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.