Welcome to the weekly highlights and analysis of the blueteamsec subreddit.

Operationally this week it is clear that our 🇷🇺 friends don’t observe the festive season as we might hope. Ransomware continues to be a thing and they continue to have impact. Although I do note in one customer they seemed to have realised they strayed into a victim space that will likely get them renditioned at some point.

Log4j continues to burn brightly for most. The latter vulnerabilities can be described as unhelpful as they distract from low sophistication vulnerability which can be exploited easily. The Five Eyes, led by CISA along with the other associated cyber agencies released a post titled Mitigating Log4Shell and Other Log4j-Related Vulnerabilities in response - big 💖for including a link to the subreddit’s thread of Log4j.

In the high-level this week:

• the US issued an Executive Order on Establishing the United States Council on Transnational Organized Crime

  • provides major air cover to the executiv…