Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending October 10th

Ollie
Oct 9, 2021
Welcome to the substack highlights from the blueteamsec subreddit.

Operationally this week it has been about three things:

  1. Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773) and the subsequent exploitation (and the remote command execution it enabled).

  2. Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013) - yes they botched the fix the first time around.

  3. Google notifying 14,000 people they were targeted by Russia (APT28/Fancy Bear etc.) and the subsequent sharing of a subset of IoCs.

At the high level:

  • Syniverse, which routes billions of SMS messages for hundreds of telecommunications carriers, disclosed in their SEC filing that they had been hacked for five years. SMS multi-factor authentication anyone?

  • Singapore released their 2021 cyber security strategy, which is meta for pretty much every other country's - build resilience, enable safety online and co-operate nationally and…

© 2023 Ollie Whitehouse from BinaryFirefly