blueteamsec

672 readers
54 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
426
8
Abusing .arpa: The TLD That Isn’t Supposed to Host Anything (www.infoblox.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
427
2
Abusing Cortex XDR Live Terminal as a C2 (labs.infoguard.ch)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
428
3
OCRFix: Botnet Trojan delivered through ClickFix and EtherHiding (www.cyjax.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
429
3
Blocking Some On-Demand Issuance Caused by Internet Scanning (community.letsencrypt.org)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
430
2
Disrupting the GRIDTIDE Global Cyber Espionage Campaign | Google Cloud Blog (cloud.google.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
431
2
Scattered Lapsus$ Hunters Recruiting Women for Operations (www.dataminr.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
432
4
Diesel Vortex: Inside the Russian cybercrime group targeting US & EU freight (haveibeensquatted.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
433
2
AutoPiff: Semantic analysis engine for detecting vulnerability fixes in Windows kernel driver patches — 58 YAML rules, Ghidra decompilation, reachability tracing, and scoring (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
434
2
Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 - correlated it with an observed in-the-wild exploit attributed to the Russian state-sponsored threat actor APT28. (www.akamai.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
435
2
Chronology of MuddyWater APT Attacks Targeting the Middle East (www.genians.co.kr)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
436
2
Exploitation of Cisco Catalyst SD-WAN (www.ncsc.gov.uk)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
437
4
Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack (techcrunch.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
438
3
Deputising UK Counter-Cybercrime Operations (www.rusi.org)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
439
2
North Korean Lazarus Group Now Working With Medusa Ransomware (www.security.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
440
1
Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools (home.treasury.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
441
3
Attacks on telecommunications companies in Kyrgyzstan and Tajikistan have been detected - Attacks on telecommunications companies in Kyrgyzstan and Tajikistan have been detected. (ptsecurity.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
442
21
Fake Zoom meeting "update" silently installs surveillance software (www.malwarebytes.com)
submitted 1 month ago by digicat to c/blueteamsec
1 comments fedilink
443
4
HvLoader: HvLoader.efi is an EFI application for loading an external hypervisor loader (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
444
3
STATICPLUGINによって実行される最新のPlugX亜種 – Latest PlugX variants executed by STATICPLUGIN (sect.iij.ad.jp)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
445
2
Detecting and preventing distillation attacks - "We have identified industrial-scale campaigns by three AI laboratories—DeepSeek, Moonshot, and MiniMax—to illicitly extract Claude’s capabilities" (www.anthropic.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
446
-1
Have you tried turning it off and on again? On bricking OT devices (part 2) (www.midnightblue.nl)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
447
11
The DJI Romo robovac had security so poor, this man remotely accessed thousands of them (www.theverge.com)
submitted 1 month ago by digicat to c/blueteamsec
1 comments fedilink
448
1
Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report (thedfirreport.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
449
1
[CVE-2026-0714] TPM-sniffing LUKS Keys on an Embedded Device (www.cyloq.se)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
450
8
PayPal February 2026 Breach Notification (www.documentcloud.org)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›