Cyber Defence Analysis for Blue & Purple Teams

Share this post

Bluepurple Pulse: week ending January 30th

bluepurple.binaryfirefly.com

Bluepurple Pulse: week ending January 30th

Yes it really is this bad..

Ollie
Jan 29, 2022
1
Share this post

Bluepurple Pulse: week ending January 30th

bluepurple.binaryfirefly.com

Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week nothing really standout just the high tempo ultra marathon as usual..

In the high-level this week:

  • Cyber Risks and Business Interruption Insurance - Merck and International Indemnity v ACE - Merck suffered US$1.4 billion in business interruption losses from the Notpetya cyber attack of 2017 - their insurance tried to not pay - their insurer lost in court.

  • Crypto.com had a breach - 483 users suffered unauthorised withdrawals totalled 4,836.26 ETH, 443.93 BTC and approximately US$66,200 in other cryptocurrencies - actor was somehow able to bypass multifactor authentication to steal a lot of assets.

  • CISA in the US added 13 known exploited vulnerabilities to its MUST FIX catalogue - this list makes federal agencies jump into action.

  • Whitehouse mandates Zero Trust Architecture within Federal government by the end of FY 2024 - US federal government is engaging warp 9 - big move here (😘)- it will p…

Keep reading with a 7-day free trial

Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2023 Ollie Whitehouse from BinaryFirefly
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing