blueteamsec

676 readers
15 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
1401
2
BinYars: Binary Ninja YARA-X Plugin (github.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1402
2
Chinese Malware Delivery Domains Part IV (dti.domaintools.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1403
2
The FACT Attribution Framework v1.0 (zenodo.org)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1404
2
【附IOC】Next.js RCE漏洞在野利用事件分析 - [Includes IOC] Analysis of Wild Exploitation Incidents of Next.js RCE Vulnerability (mp.weixin.qq.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1405
6
Prompt injection is not SQL injection (it may be worse) (www.ncsc.gov.uk)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1406
7
CVE-2025-55182: Explanation and full RCE PoC for CVE-2025-55182 (github.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1407
2
Streamlining Security Investigations with Agents (slack.engineering)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1408
2
React / Next.js - global vulnerable stats (dashboard.shadowserver.org)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1409
4
CLR-Unhook: Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan in-memory .NET assembly loads. This tool unhooks (github.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1410
2
Operation Tornado:针对国产信创平台的网络间谍活动 - Operation Tornado: Cyber Espionage Targeting Domestic IT Innovation Platforms (mp.weixin.qq.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1411
3
Investigating Indonesia’s Gambling Ecosystem: Indicators of National-Level Cyber Operations (www.malanta.ai)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1412
2
New eBPF Filters for Symbiote and BPFdoor Malware (www.fortinet.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1413
5
A Hidden Pattern Within Months of Credential-Based Attacks Against Palo Alto GlobalProtect (www.greynoise.io)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1414
9
Small numbers of Notepad++ users reporting security woes (doublepulsar.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1415
3
SVG Filters - Clickjacking 2.0 (lyra.horse)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1416
1
Chinese-linked hackers use back door for potential 'sabotage,' US and Canada say (www.reuters.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1417
2
Stillepost - Or: How to Proxy your C2s HTTP-Traffic through Chromium (x90x90.dev)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1418
4
Adversaries Modify the Registry to Disable Two Core Windows Security Mechanisms (www.knowyouradversary.ru)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1419
3
Early Warning Detection for Credential Theft (deceptiq.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1420
7
EvilMist: EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify misconfigurations, assess privilege-escalation paths (github.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1421
3
Sysmon Config Creation for The LOLRMM Framework (www.dodgethissecurity.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1422
5
AI Malware: Hype vs. Reality (www.recordedfuture.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1423
2
Public Disclosure: Backdooring Managed Identities via Azure API Management (dazesecurity.io)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1424
8
North Korean hackers are pushing fake "Microsoft Teams Update" to macOS (archive.md)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
1425
6
Exclusive Look Inside a Compromised North Korean APT Machine Linked to The Biggest Heist in History (www.hudsonrock.com)
submitted 4 months ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›