Cyber Defence Analysis for Blue & Purple Teams

Share this post

Bluepurple Pulse: week ending October 2nd

bluepurple.binaryfirefly.com

Bluepurple Pulse: week ending October 2nd

Only one Stock Exchange mail server was disclosed as being breached this week..

Ollie
Sep 30, 2022
∙ Paid
3
Share this post

Bluepurple Pulse: week ending October 2nd

bluepurple.binaryfirefly.com
Share

Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week the new attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server which was shared late Thursday was the bow wave. Some excellent first party and second party reporting on the vulnerabilities and aftermath. Outside of that you will see below that the breadth of depth of campaigns is very real..

In the high-level this week:

  • Lindy Cameron discussed the cyber dimension of the Russia-Ukraine - a take away is one doesn’t just create a National Cyber Security Centre in isolation - the blended capability of Government is critical.

  • Patriotic Hacking’ Is No Exception - mix of ‘opinion piece’ and a ‘framework for analysing how patriotic hacking fits with various normative guidelines in cyber’ based around the Ukrainian IT Army and what they have been up to.

  • Energy, Finance and Telecoms Corporations Test …

Keep reading with a 7-day free trial

Subscribe to

Cyber Defence Analysis for Blue & Purple Teams
to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2023 Ollie Whitehouse from BinaryFirefly
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing