Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending September 19th

Don't be a cyber mercenary...

Ollie
Sep 17, 2021

Welcome to the substack highlights from the blueteamsec subreddit.

Operationally, the week has been the long tale of CVE-2021-40444 (we have patches, exploits and mass exploitation) and then CVE-2021-38647. CVE-2021-38647 is an authentication bypass, in a homage to the ‘90s, resulting in remote code execution against a Linux Open Management Infrastructure agent, of which there are a lot in Azure. Kevin Beaumont pushed the red button on the Wiz finding whilst Daniel Card continued to keep the world honest and updated on the situation.

The high-level news this week came in the guise of the US Government enacting its “domestic talent retention” or “stop cyber mercenaries” strategy, depending on your point of view. News came via a scoop from Reuters in the piece “Ex-U.S. intel operatives admit hacking American networks for UAE”. In short, ex-USG employees go somewhere foreign, ignore all export laws, enable the hacking of US targets and then end up experiencing the legal ramifications but don’t …

© 2025 Ollie Whitehouse from BinaryFirefly