blueteamsec

674 readers
19 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
676
1
fawkes: Fawkes is my attempt at a Mythic C2 Agent - "Fawkes is an entirely vibe-coded Mythic C2 agent. It started as an "I wonder" and has turned into a goal. " (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
677
1
An Update on the Prince of Persia Threat Actor (www.safebreach.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
678
1
CTO at NCSC Summary: week ending February 8th (ctoatncsc.substack.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
679
1
Windows Projected File System (ProjFS) Internals: A Technical Deep Dive (www.huntress.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
680
1
Phishing über Messengerdienste - Phishing via messaging services - current information indicating that a cyber actor, likely state-controlled, is conducting phishing attacks via messaging services (www.bsi.bund.de)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
681
2
Reducing the Attack Surface for End-of-Support Edge Devices (www.ic3.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
682
2
No Pain, No Gain - How Impunity Perpetuates Failure (bytesandborscht.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
683
2
aura-inspector is a Swiss Army knife of Salesforce Experience Cloud testing. It facilitates in discovering misconfigured Salesforce Experience Cloud applications (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
684
5
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework (blog.talosintelligence.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
685
4
Black Basta: Defense Evasion Capability Embedded in Ransomware Payload (www.security.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
686
2
BOD 26-02: Mitigating Risk From End-of-Support Edge Devices (www.cisa.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
687
2
The Shadow Campaigns: Uncovering Global Espionage (unit42.paloaltonetworks.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
688
2
Ransomware Threat Outlook 2025-2027 - Canadian Centre for Cyber Security (www.cyber.gc.ca)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
689
2
Introducing the YARA language server (virustotal.github.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
690
3
jsdeob-workbench: Reverse engineer obfuscated JavaScript visually. Chain transforms, inspect AST changes, write reusable deobfuscation plugins. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
691
2
DesckVB-RAT: Full analysis of a never documented before Remote Access Trojan linked to Pjoao1578 toolchain (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
692
3
Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability (www.zerodayinitiative.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
693
2
Web Traffic Hijacking: When Your Nginx Configuration Turns Malicious (securitylabs.datadoghq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
694
1
Analysis of Suspected Malware Linked to APT-Q-27 Targeting Financial Institutions (cystack.net)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
695
3
KongTuke campaign using #DNS TXT records in its ClickFix script. These DNS TXT records staged a command to retrieve and run a PowerShell scrip (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
 
 

https://x.com/i/status/2019121578718490869

696
4
Compromised Routers, DNS, and a TDS Hidden in Aeza Networks (www.infoblox.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
697
4
They Got In Through SonicWall. Then They Tried to Kill Every Security Tool (www.huntress.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
698
5
Authentication Downgrade Attacks: Deep Dive into MFA Bypass (www.ioactive.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
699
3
Shaping Shadows: Breaking Down New ShadowSyndicate Methods and Infrastructure (www.group-ib.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
700
3
Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research (research.checkpoint.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›