blueteamsec

542 readers
24 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
251
2
BYOVD to the next level (part 2) — rootkit like it's 2025 (blog.quarkslab.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
252
3
Attackers Actively Exploiting Critical Vulnerability in Service Finder Bookings Plugin (www.wordfence.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
253
10
Investigating targeted “payroll pirate” attacks affecting US universities (www.microsoft.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
254
2
Velociraptor leveraged in ransomware attacks (blog.talosintelligence.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
255
2
Identifying and Mitigating Potential Velociraptor Abuse (www.rapid7.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
256
2
Anatomy of a Hacktivist Attack: Russia-Aligned Group Targets OT/ICS - "Our honeypot caught hacktivist activity targeting a decoy water treatment plant in Sept. 2025. A Russian-aligned group, TwoNet, c (www.forescout.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
257
3
MySonicWall Cloud Backup File Incident - "The investigation confirmed that an unauthorized party accessed firewall configuration backup files for all customers who have used SonicWall’s cloud backup s (www.sonicwall.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
258
3
An Insider Look At The IRGC-linked APT35 Operations (www.cloudsek.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
259
4
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign (cloud.google.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
260
2
Chinese Hackers Said to Target U.S. Law Firms (archive.ph)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
261
2
The ClickFix Factory: First Exposure of IUAM ClickFix Generator (unit42.paloaltonetworks.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
262
3
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits (www.trendmicro.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
263
4
Ukraine's parliament backs creation of cyber forces in first reading (kyivindependent.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
264
8
Active Directory domain (join)own accounts revisited 2025 (www.shelltrail.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
265
2
The Evolution of Russian Physical-Cyber Espionage (www.trellix.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
266
3
China’s Vulnerability Research: What’s Different Now? (nattothoughts.substack.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
267
2
The Crown Prince, Nezha: A New Tool Favored by China-Nexus Threat Actors | Huntress (www.huntress.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
268
0
APT Meets GPT: Targeted Operations with Untamed LLMs (www.volexity.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
269
0
look mom HR application look mom no job (blog.himanshuanand.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
270
1
Strengthening national cyber resilience through observability and threat hunting (www.ncsc.gov.uk)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
271
2
sigma-rules-validator: Validates Sigma rules using the JSON schema - GitHub action (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
272
1
Mustang Panda Employ Publoader Through ClaimLoader: Yes.. another DLL Side-Loading Technique Delivery via Phishing - 0x0d4y Malware Reseach (0x0d4y.blog)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
273
3
Security Bulletin: Several Security Vulnerabilities have been discovered in IBM Security Verify Access and IBM Verify Identity Access products. (CVE-2025-36354, CVE-2025-36355, CVE-2025-363546) (www.ibm.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
274
1
surveyor: Advanced Windows kernel analysis and system profiling tool. Provides comprehensive visibility into kernel callbacks, ETW sessions, driver analysis, and system state through both userland API (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
275
1
BIETA: A Technology Enablement Front for China's MSS (www.recordedfuture.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›