blueteamsec

679 readers

41 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat

1626

ENISA Sectorial Threat Landscape - Public Administration (www.enisa.europa.eu)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1627

Reframing Insights | Chollima Group (chollima-group.io)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1628

WSUS 원격 코드 실행 취약점(CVE-2025-59287)을 악용한 ShadowPad 공격 사례 분석 - APT Malware Analysis of a ShadowPad attack exploiting the WSUS remote code execution vulnerability (CVE-2025-59287) (asec.ahnlab.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1629

Microsoft Defender for Endpoint Internal 0x06 — Custom Collection (medium.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1630

APT24's Pivot to Multi-Vector Attacks (cloud.google.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1631

Custom data collection in Microsoft Defender for Endpoint - Microsoft Defender for Endpoint (learn.microsoft.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1632

Autumn Dragon: China-nexus APT Group Targets South East Asia (cyberarmor.tech)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1633

Interactive End-to-End Decompilation via Large Language Models (www.mdpi.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1634

The Tsundere botnet uses the Ethereum blockchain to infect its targets (securelist.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1635

SCCM Hierarchy Takeover via Entra Integration…Because of the Implication (specterops.io)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1636

Windows: Administrator Protection RAiLaunchAdminProcess Application Name EoP (project-zero.issues.chromium.org)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1637

Security Advisory: Unusual Activity Related to Gainsight Applications (status.salesforce.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1638

A Pain in the Mist: Navigating Operation DreamJob’s arsenal (www.orangecyberdefense.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1639

Nation-state actors bridging cyber and kinetic warfare (aws.amazon.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1640

Building the digital front line: Understanding big tech decision-making in Ukraine (www.atlanticcouncil.org)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1641

Pixnapping: Bringing Pixel Stealing out of the Stone Age on Android (www.pixnapping.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1642

Prepared Statements? Prepared to Be Vulnerable. (blog.mantrainfosec.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1643

Palo Alto Scanning Surges 40X in 24 Hours, Marking 90-Day High (www.greynoise.io)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1644

The Psychology Behind Effective Honey Tokens (deceptiq.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1645

Hey there! You are using WhatsApp: Enumerating Three Billion Accounts for Security and Privacy (github.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1646

Hackers Target Educational Institutions in Sumy Region and Government Bodies via Compromised Account - Ukraine (cip.gov.ua)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1647

AI-Orchestrated Attacks: Why Detection Speed Matters (deceptiq.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1648

Bulletproof Defense: Mitigating Risks From Bulletproof Hosting ProviderS (media.defense.gov)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1649

PlushDaemon compromises network devices for adversary-in-the-middle attacks (www.welivesecurity.com)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink

1650

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware (home.treasury.gov)

submitted 4 months ago by digicat to c/blueteamsec

0 comments fedilink