Bluepurple Pulse: week ending November 14th
Some cyber insurance actuaries likely need to be better
Welcome to the weekly highlights and analysis of the blueteamsec subreddit.
Operationally this week a focus on ransomware. We’ve seen various victims which have the genesis of their breach in this activity - Exploited Exchange Servers - Mails with links to malware from known/valid senders. Beyond that zero-days… zero-days everywhere.. from macOS chains through to unfortunate bug clashes between the Chinese government and those vulnerabilities shown at the Tianfu Cup and more.
In the high-level we can see that the US Government embracing their inner Liam Neeson is going to yield:
US Department of State is offering 10 milllllion dollars for information on leaders of the DarkSide Ransomware as a Service and 5 millllion for any conspirators. Where are the cyber Boba Fetts when you need them?
A Ukrainian was arrested and charged with the ransomware attack on Kaseya which was the managed service software provider that resulted impact on over 1,000 companies. The individual is likely reflectin…
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.