Bluepurple Pulse: week ending November 28th
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Operationally this week the usual tempo with the standout being a Windows local privilege escalation vulnerability released by a researcher getting used in the wild within days.
In the high-level this week:
Insurers run from ransomware cover as losses mount - we covered the losses a couple of weeks ago - this is the result. It does make me wonder what this will do to the valuations of the cyber insurance tech unicorns.
The UK’s NHS Digital released their Cyber security guide for NHS Non-Executive Directors: Balancing risk - this reminded me of a publication I wrote on a similar topic in 2015 titled Cyber Risk & Security Guidance for Non-Executive Directors - good cyber governance on boards still remains wanting for the most part (I am available should your board need more cyber).
GoDaddy revealed in their SEC filing that they suffered a security incident with a WordPress which resulted in some TLS private certifica…
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.