Bluepurple Pulse: week ending January 16th
Iran is on the naughty step
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Bit early this week due to busyness.
Operationally this week from our inbound IR cases it looks like various surges of ransomware with no specific strain or group standing out. Criminals back from their holidays it would seem..
In the high-level this week:
Protect Yourself: Commercial Surveillance Tools - An interesting infomercial of sorts from the US National Counter Intelligence and Security Center in response to NSO/Pegasus and other commercial offensive capability being thrown at US targets.
Non-Escalatory Attribution of International Cyber Incidents - from the United Nations Institute for Disarmament Research. It makes a number of recommendations on norms to operationalise the attribution process. It reads a bit like I would imagine mandatory training on Cyber Mediation for the Newly Offensively Enabled State would read like in an attempt to avert world war III by accident.