Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week Chinese activity reporting is up with some insights into their more advanced capabilities both in terms of implants and C2 infrastructure. Outside of that criminals continuing to be criminals.

In the high-level this week:

• “Shared threats, shared understanding”: U.S., Canada and Latvia conclude defensive Hunt Operations - During the three-month long operation, the U.S. team worked with CERT.LV, the Information Security Incident Response Institution of the Republic of Latvia – on a defensive cyber threat hunting operation focused on the Latvian critical infrastructure.

  • New DOD doctrine officially outlines and defines 'expeditionary cyberspace operations' - hunt forward falls in here but is also wider e.g. Gain access through a low-power, point-to-point radio frequency (RF) link.

• Evolving Cyber Operations and Capabilities…