Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending May 8th

China is oh so very active..

Ollie
May 06, 2022

Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading).

Operationally this week we had a number of big vulnerabilities land, and the scale of the intrusions into Heroku became clear (see relevant sections later). Other than that, it has only taken us about a month to transfer details of a critical vulnerability to a vendor due to a slightly apathetic response on their side. The fact this is a thing and there isn’t a machine-to-machine brokerage service for vulnerability disclosure run by a CERT or similar makes me wonder if there is an opportunity to offer it “as a Service”.

In the high-level this week:

  • The Indian government issued the boldest set of stipulations ever with regard to incident reporting for a “Safe & Trusted Internet”, including:

    • Any service provider, intermediary, data centre, body corporate and Government organisation shall report incidents within 6 hours

    • The mandatory reporting includes scanning, phishing etc.

    • The incidents can be rep…

© 2025 Ollie Whitehouse from BinaryFirefly