blueteamsec

633 readers

28 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat

1976

Silent Harvest: Extracting Windows Secrets Under the Radar (sud0ru.ghost.io)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1977

Hunting for Malware Networks (dti.domaintools.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1978

Slice: SAST + LLM Interprocedural Context Extractor (noperator.dev)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1979

phishurl-list: Phishing URL dataset from JPCERT/CC (github.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1980

Evolving Mule Tactics in the META Region (www.group-ib.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1981

When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) - a reminder that Docker is not a security boundary (blog.qwertysecurity.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1982

AppLockerInspector: Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks. (github.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1983

Detailed Analysis of Phrack’s APT Down: The North Korea Files (s2w.inc)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1984

Weaponizing image scaling against production AI systems (blog.trailofbits.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1985

Scam Farms Marque and Reprisal Authorization Act of 2025 - authorize the President to issue letters of marque and reprisal with respect to acts of aggression against the United States (www.congress.gov)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1986

"Scamlexity": When Agentic AI Browsers Get Scammed (guard.io)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1987

CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device (medium.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1988

MCP vulnerability case study: SQL injection in the Postgres MCP server (securitylabs.datadoghq.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1989

MURKY PANDA: Trusted-Relationship Cloud Threat (www.crowdstrike.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1990

Microsoft Curbs Early Access for Chinese Firms to Notifications About Cybersecurity Flaws (archive.ph)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1991

Palm Coast Hacker Sentenced To 10 Years In Prison (www.justice.gov)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1992

Analysis of the GFW's Unconditional Port 443 Block on August 20, 2025 (gfw.report)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1993

The Department of Energy’s Unclassified Cybersecurity Program – 2024 (www.oversight.gov)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1994

GroupPolicyBackdoor: Group Policy Objects manipulation and exploitation framework (github.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1995

UAC-0057 keeps applying pressure on Ukraine and Poland (harfanglab.io)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1996

APT MuddyWater Targets CFOs with Multi-Stage Phishing & NetBird Abuse (hunt.io)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1997

Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet (www.justice.gov)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1998

Conflicting Scores, Confusing Signals: An Empirical Study of Vulnerability Scoring Systems (arxiv.org)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

1999

A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor | Google Cloud Blog (cloud.google.com)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink

2000

Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure (www.ic3.gov)

submitted 6 months ago by digicat to c/blueteamsec

0 comments fedilink