Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending December 19th 🎅

What a difference a week makes

Ollie
Dec 17, 2021

Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally, this week has been the usual blend and tempo - ha! OK - who are we kidding. Let's be honest, it has all been on 🔥 to varying degrees as the scale, complexity and reality of Log4j (CVE-2021-44228 and CVE-2021-45046) has become clear.

Today we sit with various nation states, including China, North Korea, Iran and Turkey, exploiting it, coupled with a maelstrom of organised (and disorganised) criminal activity including ransomware (and not just against Minecraft servers).

Everything we know from the subreddit is maintained in this meta thread - https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/ - plus a sprinkling of later posts. Interestingly, we learnt that Reddit posts top out at 40,000 characters - we’re gonna need a bigger Reddit.

At a high level this week:

  • The UK launched its next National Cyber Strategy

  • The US’s CISA Adds Thirteen Known Exploited Vulnerabilities …

© 2023 Ollie Whitehouse from BinaryFirefly