blueteamsec

674 readers
19 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
701
3
APT28’s Stealthy Multi-Stage Campaign Leveraging CVE‑2026‑21509 and Cloud C2 Infrastructure (www.trellix.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
702
4
Synthèse de la menace sur l’IA générative face aux attaques informatiques | Summary of the threat to generative AI in the face of cyberattacks (cyber.gouv.fr)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
703
3
notepad-plus-plus-hashes: Aggregated SHA-256 and SHA-1 checksums for Notepad++ release assets - collected from official GitHub release checksum files. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
704
2
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle? (www.ncsc.gov.uk)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
705
3
A Decade-long Landscape of Advanced Persistent Threats: Longitudinal Analysis and Global Trends - v2 published January 6th (arxiv.org)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
706
8
Velociraptor artifact to assist scoping IOCs related to the recent publicly disclosed Notepad++ supply chain attack. (docs.velociraptor.app)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
707
5
Continuous Intrusion/Continuous Distribution: Tracking Fox’s Iterative Malspam Campaign (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
708
6
Unmasking the CoGUI Phishing Kit, the Major Chinese Phishing-as-a-Service Targeting Japan (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
709
4
Following the Trace: Reconstructing Attacks from Ext4 and XFS Journals (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
710
4
Infrastructure-less Adversary: C2 Laundering via Dead-Drop Resolvers and the Microsoft Graph API (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
711
6
Ghost in Your Network: How Earth Kurma Stays Hidden and Exfiltrates Your Data (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
712
3
Continuous Evolution of Tianwu’s Pangolin8RAT and Custom Cobalt Strike Beacon (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
713
5
Unraveling the WSUS Exploit Chain Incident Analysis and Actor Insights (jsac.jpcert.or.jp)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
714
3
GatewayToHeaven: Finding a Cross-Tenant Vulnerability in GCP's Apigee (omeramiad.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
715
6
Yara: "Detects payload bytes in first 0x490 bytes in clipc.dll Warbird technique as described by Rapid7 (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
716
5
Abusing Microsoft Warbird for Shellcode Execution - from 2024 but recently utilised in the Notepad++ payloads (cirosec.de)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
717
3
YARA Rule Skill [CRT] - An LLM Agent Skill that embeds expert YARA knowledge into your AI assistant. (yarahq.github.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
718
2
Cobaltstrike_BOFLoader: open source port/reimplementation of the Cobalt Strike BOF Loader as is (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
719
10
How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS (clearbluejar.github.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
720
6
APT28: Geofencing as a Targeting Signal (CVE-2026-21509 Campaign) (blog.synapticsystems.de)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
721
0
Building a Scalable Windows Driver Vulnerability Analyzer (Part 2) (threatunpacked.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
722
5
Public Safety and Homeland Security Bureau Highlights Best Practices for Defending Against Ransomware Attacks (www.fcc.gov)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
723
6
Security incident on plone GitHub org with force pushes (www.openwall.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
724
6
Incident Report: CVE-2024-YIKES (nesbitt.io)
submitted 2 months ago by digicat to c/blueteamsec
2 comments fedilink
725
4
Rust at Scale: An Added Layer of Security for WhatsApp (engineering.fb.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›