Bluepurple Pulse: week ending January 29th
Insurers exploring if they can get a government safety net for cyber policies..
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week Riot games disclosed they were comprised via social engineering which resulted in updates being suspended. Mailchimp disclosed another security incident. GoTo provided an update on their breach from November.
In the high-level this week:
Readout of Office of the National Cyber Director Meetings with Cybersecurity Researchers - “To ensure that their voices are reflected in Federal initiatives, officials agreed that they would continue to engage the broader cybersecurity research community in the development and implementation of cybersecurity policy.”
Ransomware Revenue Down As More Victims Refuse to Pay - “2022 was an impactful year in the fight against ransomware. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before.”