Bluepurple Pulse: week ending October 2nd
Only one Stock Exchange mail server was disclosed as being breached this week.
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week, the bow wave was the new attack campaign utilizing a new 0-day RCE vulnerability in Microsoft Exchange Server, which was shared late Thursday. There was some excellent first-party and second-party reporting on the vulnerabilities and aftermath. Outside of that, you will see below that the breadth and depth of campaigns is very real.
In the high-level this week:
Lindy Cameron discussed the cyber dimension of the Russia-Ukraine - a takeaway is that one doesn’t just create a National Cyber Security Centre in isolation - the blended capability of Government is critical.
‘Patriotic Hacking’ Is No Exception - a mix of ‘opinion piece’ and ‘framework for analysing how patriotic hacking fits with various normative guidelines in cyber’, based around the Ukrainian IT Army and what they have been up to.