blueteamsec

630 readers
57 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
1001
2
Native Secure Enclaved backed ssh keys on MacOS (gist.github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1002
2
Discreet Driver Loading in Windows (whiteknightlabs.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1003
2
Dissenting Statement of Commissioner Anna M. Gomez - Protecting the Nation’s Communications Systems from Cybersecurity Threats (docs.fcc.gov)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1004
1
ToddyCat APT's new tools and techniques (securelist.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1005
1
Processing CloudTrail Logs from S3 (deceptiq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1006
4
WhatsApp compromise leads to Astaroth deployment (news.sophos.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1007
3
santamon: Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1008
3
The threat actors behind Shai Hulud has struck again, hitting Zapier and Ensdomains (www.aikido.dev)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1009
3
Shai-Hulud 2.0: Ongoing Supply Chain Attack (www.wiz.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1010
3
North Korean APT duo join forces: Kimsuky acts as the "eyes" to steal intelligence, while Lazarus steals cryptocurrency to fill the "money bag"! (mp.weixin.qq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1011
4
Kimsuky’s Ongoing Evolution of KimJongRAT and Expanding Threats (www.enki.co.kr)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1012
12
NSO seeks to overturn WhatsApp case, saying it is ‘catastrophic’ for the spyware maker (therecord.media)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1013
2
GoDefender: Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1014
1
magnet: Purple-team telemetry & simulation toolkit. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1015
1
CustomC2ChannelTemplate: template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader. (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1016
1
Systematically Deconstructing APVD Steganography and its Payload with a Unified Deep Learning Paradigm - ""our model achieves a detection accuracy of 96.2 percent." (arxiv.org)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1017
1
疑似APT-C-26(Lazarus)组织利用远程IT伪装部署监控程序的攻击行动分析 - Analysis of attack activities suspected to be deployed by the APT-C-26 (Lazarus) group using remote IT spoofing to deploy surveillance programs (mp.weixin.qq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1018
1
MuddyWater组织近期钓鱼攻击活动分析 - Analysis of MuddyWater's Recent Phishing Attacks (mp.weixin.qq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1019
1
The Guardians of Name Street: Studying the Defensive Registration Practices of the Fortune 500 (fabianmonrose.github.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1020
1
Understanding Orphan Flows: This work presents the first large-scale analysis of orphan flows to understand 1) the practical hurdles to measuring orphan flows, and 2) the potential utility for SOCs (angelosk.github.io)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1021
1
From Concealment to Exposure: Understanding the Lifecycle and Infrastructure of APT Domains (tillsongalloway.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1022
1
Towards understanding the lifecycle of malicious network infrastructure (repository.gatech.edu)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1023
1
ForgeDAN: An Evolutionary Framework for Jailbreaking Aligned Large Language Models (arxiv.org)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1024
1
Deciphering Multi-Layer Hidden Loads and Analyzing Drive-Level Blinding Countermeasures | Tracking the Tactics and Techniques of the Silver Fox (mp.weixin.qq.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
1025
1
BOF_RunPe: BOF to run PE in Cobalt Strike Beacon without console creation (github.com)
submitted 2 months ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›