Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week it has been the usual operational blend and tempo - ha! OK - who are we kidding. Lets be honest it has all been on 🔥 to varying degrees as the scale, complexity and reality of log4j (CVE-2021-44228 and CVE-2021-45046) has become clear.

We today sit with various nation states including China, North Korea, Iran and Turkey exploiting it coupled with a maelstrom of organised (and disorganised) criminal activity including ransomware (and not just Minecraft servers).

Everything we know from the Subreddit is maintained in this meta thread - https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/ - plus a sprinkling of latter posts. Interestingly we learnt that Reddit posts top out at 40,000 characters - we’re gonna need a bigger Reddit.

In the high-level this week:

• The UK launched its next National Cyber Strategy

• the US’s CISA Adds Thirteen Known Exploited Vulnerabilities …