Welcome to the substack highlights from the blueteamsec subreddit.
Operationally this week:
Ransomware - but that’s every week!
Understanding the full implications of the issue in the JavaScript RSA library (keypair) which led to duplicate keys being generated. The library just happened to be used in tooling found in a number of developer-oriented environments, such as GitKraken.
The new Apache vulnerability and ALPACA - see later under Vulnerabilities.
At the high level, the USA’s Financial Crimes Enforcement Network (FinCEN) released its ransomware trends in bank secrecy data for the first 6 months of 2021. Punchline?
The total value of suspicious activity reported in ransomware-related SARs during the first six months of 2021 was $590 million, which exceeds the value reported for the entirety of 2020 ($416 million).
but
Based on blockchain analysis of identifiable transactions with the 177 CVC wallet addresses, FinCEN identified approximately $5.2 billion in outgoing BTC transactions potentially tied to ransomware pa…