Bluepurple Pulse: week ending March 13th
Still no global cyber war - just unpeace
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Operationally this week we have been focused on victim discovery in relation to APT activity. This resulted in us working with a number of governments globally late Friday to inform victims of a broad Chinese intrusion (~50 victims) - 4pm on a Friday in fact. Beyond that the usual background of cases. The Ukraine situation continues to drive an anxious response from various organisations leading investigations - observing these have been false positive to date in our markets.
In the high-level this week:
US SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies - amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.
US Department of Commerce and Department of Homeland Security released their Assessment of the Critical Supply Chains Supp…