blueteamsec

627 readers
35 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
351
2
Gamaredon: Now Downloading via Windows Updates Best Friend "BITS" (blog.synapticsystems.de)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
352
2
VoidLink threat analysis: C2-compiled kernel rootkits | Sysdig (www.sysdig.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
353
2
How threat actors are using self-hosted GitHub Actions runners as backdoors (www.sysdig.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
354
2
ConsentFix: Securing Your Tenant Against OAuth Authorisation Code Theft (sentinel.blog)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
355
3
Leveraging Landlock telemetry for Linux detection engineering (blog.sekoia.io)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
356
2
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment (www.securonix.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
357
3
Evolving the Threat Hunter Playbook 🏹: Planning Hunts with Agent Skills 🤖 (blog.openthreatresearch.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
358
3
Browser Extensions Gone Rogue: The Full Scope of the GhostPoster Campaign (layerxsecurity.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
359
2
Planned failure: Gootloader's malformed ZIP actually works perfectly (expel.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
360
2
How to Use Pareto Principle to Fine-Tune Alerts and Reduce False Positives Wisely (detect.fyi)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
361
2
TIFCE: Threat Intelligence Feed Evaluation (+ KQL Detections) (detect.fyi)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
362
3
nova-claude-code-protector: NOVA - Claude Code Protection System against prompt injection attacks (github.com)
submitted 4 weeks ago by digicat to c/blueteamsec
1 comments fedilink
363
6
5 Malicious Chrome Extensions Enable Session Hijacking in Enterprise HR and ERP Systems (socket.dev)
submitted 4 weeks ago by digicat to c/blueteamsec
1 comments fedilink
364
4
Suricata 8.0.3 and 7.0.14 released! -four high CVEs resolved (suricata.io)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
365
6
Inside a Malicious Push Network: What 57M Logs Taught Us (www.infoblox.com)
submitted 4 weeks ago by digicat to c/blueteamsec
1 comments fedilink
366
4
CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal (security.paloaltonetworks.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
367
3
global_struct_dissector: Global Struct Dissector is an IDA Pro plugin that renders data in the disassembly view in a clear, readable format with explicit field names, offsets, and values. (github.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
368
5
Unauthenticated HTTP Server Allows Arbitrary Command Execution in open source AI coding agent (github.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
369
2
Dissecting CrashFix: KongTuke's New Toy (www.huntress.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
370
4
Infrastructure in the Shadows - How Two Leaks Unmasked the Criminal Network of Yalishanda aka Media Land, and BlackBasta (analyst1.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
371
3
New Infostealer Campaign Targets Users via Spoofed Software Installers (blog.virustotal.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
372
3
Singapore court rejects application by Chinese suspect wanted in US for global malware crimes (www.channelnewsasia.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
373
5
The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multi-Step Malware (arxiv.org)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
374
5
Jordanian Man Admits Selling Unauthorized Access to Computer Networks of 50 Companies (www.justice.gov)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
375
6
GhostWrite: Edit files without leaving timestamp traces. (github.com)
submitted 4 weeks ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›