blueteamsec

670 readers
46 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
251
3
CTO at NCSC Summary: week ending March 15th (ctoatncsc.substack.com)
submitted 2 weeks ago by digicat to c/blueteamsec
0 comments fedilink
252
3
Detection Pipeline Maturity Model (detect.fyi)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
253
4
When Proxies Become the Attack Vectors in Web Architectures (www.praetorian.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
254
2
Elfina: Elfina is a multi-architecture ELF loader supporting x86 and x86-64 binaries. (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
255
2
Adversary Simulation - Iranian APT/Static Kitten (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
256
1
tdo_dump: Proof-of-Concept tool to dump trusted domain objects (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
257
1
IronPE: IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files. (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
1 comments fedilink
258
2
Malware and cryptography 44 - encrypt/decrypt payload via Discrete Fourier Transform. Simple C example. (cocomelonc.github.io)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
259
1
Windows Defender ACL Blocking: A Silent Technique With Serious Impact (binarydefense.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
260
1
Phantom: project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑trust mode. Instead of relying on file‑based approach... (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
261
2
LnkMeMaybe: LNK crafting and research tools (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
262
2
CVE-2026-28292: simple-git Remote Code Execution - A case-sensitivity bug in simple-git (12.4 million+ weekly npm downloads) allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 .. (www.codeant.ai)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
263
4
zombie-zip: Malformed ZIP archive that evades antivirus detection by declaring Method=0 (stored) while containing DEFLATE-compressed payload. (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
264
2
dev-machine-guard: Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds. (github.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
265
3
Treasury Sanctions Facilitators of DPRK IT Worker Fraud Targeting U.S. Businesses (home.treasury.gov)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
266
6
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft (www.microsoft.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
267
1
Joint Advisory: Middle East Conflict and Critical Infrastructure (gate15.global)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
268
4
Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million (cyberscoop.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
269
2
Insights: Increased Risk of Wiper Attacks (unit42.paloaltonetworks.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
270
1
Europol and international partners disrupt ‘SocksEscort’ proxy service – Joint operation targeted malicious proxy service exploiting residential routers worldwide | Europol (www.europol.europa.eu)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
271
5
Stryker Corporation - 8k filing - suspected Iranian linked - "a cybersecurity incident affecting certain information technology systems of the Company that has resulted in a global disruption" (d18rn0p25nwr6d.cloudfront.net)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
272
0
Silence of the hops: The KadNap botnet (blog.lumen.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
273
2
The gang using OpenClaw was captured for the first time (mp.weixin.qq.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
274
2
Faux Amis: How France Stands Apart in Europe’s High-Risk University Cyber Partnerships with China (www.nattothoughts.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
275
1
Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show (www.reuters.com)
submitted 3 weeks ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›