Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week the fallout from the Fortra GoAnywhere vulnerability from early February continues to be felt. This includes Rubrik’s Response, Rio Tinto impacted and then reporting that 130 organizations has been breached with the attacks had been linked to Cl0p. This is what happens when organized crime identifies and exploit vulnerabilities at scale. Beyond that the level of activity and reporting this week is very busy..

In the high-level this week:

• SEC Proposes New Requirements to Address Cybersecurity Risks to the U.S. Securities Markets - “requirements for broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities associations, national securities exchanges, security-based swap data repositories, security-based swap dealers, and transfer agents (co…