Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

In the high-level this week first was the revelation that FIN7 established a new front company called Bastion Secure which recruited penetration testers to support their ransomware operations. This isn’t the first time they’ve done this and in part is likely symptomatic of new ways of working i.e. fully remote and gig based. Fascinating times when employees need to do due-diligence on employers.

Second is Joint Statement of the Ministers and Representatives from the Counter Ransomware Initiative Meeting October 2021 hosted by the USA. To save you a read the headlines are - Resilience, Countering Illicit Finance, Disruption and other Law Enforcement Efforts and Diplomacy. Then as if by magic Reuters reported the REvil Tor site was hacked and forced offline by US Government and friends. Get the🍿 as initial reports indicate than some ransomware affiliates are directing retaliation against US assets.

Finally I ran…