Cyber Defence Analysis for Blue & Purple Teams

Cyber Defence Analysis for Blue & Purple Teams

Share this post

Cyber Defence Analysis for Blue & Purple Teams
Cyber Defence Analysis for Blue & Purple Teams
Bluepurple Pulse: week ending December 19th 🎅
Copy link
Facebook
Email
Notes
More

Bluepurple Pulse: week ending December 19th 🎅

What a difference a week makes

Ollie's avatar
Ollie
Dec 17, 2021
∙ Paid
1

Share this post

Cyber Defence Analysis for Blue & Purple Teams
Cyber Defence Analysis for Blue & Purple Teams
Bluepurple Pulse: week ending December 19th 🎅
Copy link
Facebook
Email
Notes
More
Share

Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week it has been the usual operational blend and tempo - ha! OK - who are we kidding. Lets be honest it has all been on 🔥 to varying degrees as the scale, complexity and reality of log4j (CVE-2021-44228 and CVE-2021-45046) has become clear.

We today sit with various nation states including China, North Korea, Iran and Turkey exploiting it coupled with a maelstrom of organised (and disorganised) criminal activity including ransomware (and not just Minecraft servers).

Everything we know from the Subreddit is maintained in this meta thread - https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/ - plus a sprinkling of latter posts. Interestingly we learnt that Reddit posts top out at 40,000 characters - we’re gonna need a bigger Reddit.

In the high-level this week:

  • The UK launched its next National Cyber Strategy

  • the US’s CISA Adds Thirteen Known Exploited Vulnerabilities …

Keep reading with a 7-day free trial

Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2025 Ollie Whitehouse from BinaryFirefly
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More