Cyber Defence Analysis for Blue & Purple Teams

Share this post

Bluepurple Pulse: week ending November 28th

bluepurple.binaryfirefly.com

Bluepurple Pulse: week ending November 28th

Ollie
Nov 26, 2021
1
Share this post

Bluepurple Pulse: week ending November 28th

bluepurple.binaryfirefly.com

Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week the usual tempo with the standout being a Windows local privilege escalation vulnerability released by a researcher getting used in the wild within days.

In the high-level this week:

  • Insurers run from ransomware cover as losses mount - we covered the losses a couple of weeks ago - this is the result. It does make me wonder what this will do to the valuations of the cyber insurance tech unicorns.

  • The UK’s NHS Digital released their Cyber security guide for NHS Non-Executive Directors: Balancing risk - this reminded me of a publication I wrote on a similar topic in 2015 titled Cyber Risk & Security Guidance for Non-Executive Directors - good cyber governance on boards still remains wanting for the most part (I am available should your board need more cyber).

  • GoDaddy revealed in their SEC filing that they suffered a security incident with a WordPress which resulted in some TLS private certifica…

Keep reading with a 7-day free trial

Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2023 Ollie Whitehouse from BinaryFirefly
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing