blueteamsec

544 readers

27 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

626

2

dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE. (github.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

627

1

BugCheck 0xD1: Potential race condition in Teredo cleanup during flow teardown (medium.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

628

3

New Botnet Emerges from the Shadows: NightshadeC2 (www.esentire.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

629

3

The Czech National Cyber and Information Security Agency issues warning about data transfer to and remote administration from China (nukib.gov.cz)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

630

1

Salesloft Third-Party Drift Integration Partners FAQ (9:00PM ET) (trust.salesloft.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

631

4

Critical SAP S/4HANA code injection vulnerability (CVE-2025-42957) exploited in the wild (securitybridge.com)

submitted 2 months ago by digicat to c/blueteamsec

1 comments fedilink

632

4

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows (blog.gitguardian.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

633

2

DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift (arxiv.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

634

2

The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again (arxiv.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

635

3

Breaking Diffusion with Cache: Exploiting Approximate Caches in Diffusion Models (arxiv.org)

submitted 2 months ago by digicat to c/blueteamsec

1 comments fedilink

636

1

[2508.20866] AI Agentic Vulnerability Injection And Transformation with Optimized Reasoning (arxiv.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

637

2

Let's evaluate "The Iranian Internet Outage from the Perspective of Cyberspace" from the perspective of real cyberspace. (mp.weixin.qq.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

638

0

LLM-TIKG: Threat intelligence knowledge graph construction utilizing large language model (www.sciencedirect.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

639

2

ReDAN: An Empirical Study on Remote DoS Attacks against NAT Networks (www.ndss-symposium.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

640

5

CTO at NCSC Summary: week ending September 7th (ctoatncsc.substack.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

641

2

Inside the Kimsuky Leak: How the “Kim” Dump Exposed North Korea’s Credential Theft Playbook (dti.domaintools.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

642

2

Threat Actors Abuse Simplified AI to Steal Microsoft 365 Credentials (www.catonetworks.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

643

0

MeetC2 a.k.a Meeting C2 (medium.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

**

644

4

orsted: Orsted C2 Framework (github.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

645

12

Microsoft Used China-Based Engineers. - "internal work-tracking system that showed China-based employees recently fixing bugs for SharePoint “OnPrem,”" (www.propublica.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

646

2

ACM SIGCOMM 2025: Proceedings of the ACM SIGCOMM 2025 Conference (conferences.sigcomm.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

647

4

ACM SIGCOMM 2025: Proceedings of the Workshops (conferences.sigcomm.org)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

648

2

Operation BarrelFire: NoisyBear Targets Kazakhstan Oil & Gas (www.seqrite.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

649

4

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes (www.welivesecurity.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink

650

1

From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure (www.recordedfuture.com)

submitted 2 months ago by digicat to c/blueteamsec

0 comments fedilink