Welcome to the substack highlights from the blueteamsec subreddit.
Operationally, a big focus was trying to work out who had been impacted by Autodiscover, which allowed Amit Serper, between April 16th, 2021 and August 25th, 2021, to capture:
372,072 Windows domain credentials in total.
96,671 UNIQUE credentials that leaked from various applications such as Microsoft Outlook, mobile email clients and other applications interfacing with Microsoft’s Exchange server.
There is probably a debate here around the proportionality of the research and whether five months was needed to prove it.
The real kicker was that this research wasn’t new, as Eli (Ilya) Nesterov and Max Goncharov had presented this exact attack in 2017 at Black Hat Asia. The triple kicker was that we fixed this when at BlackBerry for BIS in ~2010.
We also had the Lithuanian National Cyber Security Centre publish their Assessment of cybersecurity of mobile devices supporting 5G technology sold in Lithuania. The findings included backdoors and censorship …