Welcome to the substack highlights from the blueteamsec subreddit.

Operationally nothing is standout this week other than having too much fun surging against a commercial red team to develop understanding of their tradecraft and infrastructure.

In the high-level we saw the CyberPeace Institute and the Cybersecurity Tech Accord publish a manifesto outlining their focus on Prioritizing Human-Centric Equities within the Proposed UN Cybercrime Treaty. There are some admirable calls in it, but we will have to accept a balkanised Internet in part by the likes of China and Russia.

In the technical it was disclosed there is a bug (not security directly) in gpsd in Linux which on October 23rd 2021 (this month) will cause the time to jump back 1024 weeks. Understanding the implications and impact at a national level for all systems which derive their time via gpsd for the affected versions on Linux via GNSS (GPS) or a AIS receiver feels challenging today. Versions v3.20 - v3.22 are affected with v…