Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending September 26th

Cyber poverty line..

Ollie
Sep 25, 2021

Welcome to the substack highlights from the blueteamsec subreddit.

Operationally, a big focus was trying to work out who had been impacted by Autodiscover, which allowed Amit Serper, between April 16th, 2021 and August 25th, 2021, to capture:

372,072 Windows domain credentials in total.

96,671 UNIQUE credentials that leaked from various applications such as Microsoft Outlook, mobile email clients and other applications interfacing with Microsoft’s Exchange server.

There is probably a debate here around proportionality of the research and if five months was needed to prove it.

The real kicker was that this research wasn’t new, as Eli (Ilya) Nesterov and Max Goncharov had presented this exact attack in 2017 at Black Hat Asia. The triple kicker was that we fixed this when at BlackBerry for BIS in ~2010.

We also had the Lithuanian National Cyber Security Centre publish their Assessment of cybersecurity of mobile devices supporting 5G technology sold in Lithuania. The findings included backdoors and censorship …

© 2025 Ollie Whitehouse from BinaryFirefly