Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week the usual tempo with the standout being a Windows local privilege escalation vulnerability released by a researcher getting used in the wild within days.

In the high-level this week:

• Insurers run from ransomware cover as losses mount - we covered the losses a couple of weeks ago - this is the result. It does make me wonder what this will do to the valuations of the cyber insurance tech unicorns.

• The UK’s NHS Digital released their Cyber security guide for NHS Non-Executive Directors: Balancing risk - this reminded me of a publication I wrote on a similar topic in 2015 titled Cyber Risk & Security Guidance for Non-Executive Directors - good cyber governance on boards still remains wanting for the most part (I am available should your board need more cyber).

• GoDaddy revealed in their SEC filing that they suffered a security incident with a WordPress which resulted in some TLS private certifica…