blueteamsec

679 readers
42 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
1751
1
Cloud Backup Security Incident Investigation Complete and Strengthened Cyber Resilience (www.sonicwall.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1752
3
Crossed wires: a case study of Iranian espionage and attribution (www.proofpoint.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1753
2
This Research Investigates purely focuses on the Networks used by the Clop Ransomware Group during their infiltration at different victims. (theravenfile.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1754
2
Dissecting the Infection Chain: Technical Analysis of the Kimsuky JavaScript Dropper (blog.pulsedive.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1755
3
We share global infrastructure tracking techniques, tools to decrypt VShell communications, and insights into attacker behaviors to strengthen threat detection and incident response capabilities. (www.nviso.eu)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1756
3
NVISO analyzes VShell post-exploitation tool (www.nviso.eu)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1757
4
A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers (nattothoughts.substack.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1758
3
GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools (cloud.google.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1759
4
Russian Cybercrime & State Militarization: Marching Together in the Digital Age (analyst1.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1760
3
Defeating KASLR by Doing Nothing at All (googleprojectzero.blogspot.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1761
3
Treasury Sanctions DPRK Bankers and Institutions Involved in Laundering Cybercrime Proceeds and IT Worker Funds (home.treasury.gov)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1762
3
How RMM abuse fuelled Medusa & DragonForce attacks (zensec.co.uk)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1763
0
Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines (www.bitdefender.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1764
10
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (chicago.suntimes.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1765
1
Inside the attack chain: Threat activity targeting Azure Blob Storage (www.microsoft.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1766
3
Demystifying Zero Trust (www.ncsc.gov.uk)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1767
1
Using PAWs in OT environments (www.ncsc.gov.uk)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1768
3
Scaling Security Testing by Addressing the Reachability Gap (gpsapia.github.io)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1769
1
Graph Api Overwhelm (www.alphaf0x.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1770
2
RDSEED Failure on AMD “Zen 5” Processors (www.amd.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1771
3
Remote access, real cargo: cybercriminals targeting trucking and logistics (www.proofpoint.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1772
1
Drawn to Danger: Windows Graphics Vulnerabilities Lead to Remote Code Execution and Memory Exposure (research.checkpoint.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1773
2
Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody (krebsonsecurity.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1774
2
SilentButDeadly: SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). (github.com)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
1775
2
The ZeroAccess Developer and His Windows Kernel-Mode Debugger (r136a1.dev)
submitted 5 months ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›