Cyber Defence Analysis for Blue & Purple Teams

Bluepurple - Week ending August 22nd

Mass exploitation Sunday - it is always the weekends

Ollie
Aug 22, 2021

Welcome to the substack from the blueteamsec subreddit.

Operationally, this week is all about the continued carnage that is the mass Microsoft Exchange exploitation via ProxyShell. We saw similar incidents with Exchange earlier in the year, and also with vulnerabilities in products such as Citrix, F5, Pulse VPN etc. Increasingly, speculative mass compromise by state and organised crime groups is a thing, and one can’t see why it is a trend that will stop any time soon.

140+ webshells across 1900+ unpatched boxes in 48hrs

…

corroborate[d] that the webshell and LockFile ransomware incidents we’re seeing within companies may be related

A more upbeat little nugget comes from Dawn of the Code War: America's Battle Against Russia, China, and the Rising Global Cyber Threat

Chinese culture celebrated hackers. A 2005 study by the Shanghai Academy of Social Sciences compared hackers to rock stars. Finding that 2 out of 5 elementary age children adored hackers and a third wanted to grow up to …

© 2025 Ollie Whitehouse from BinaryFirefly