blueteamsec

543 readers
15 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
401
3
Hunting For PsExec.exe abuse (medium.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
402
2
crates.io: Malicious crates faster_log and async_println | Rust Blog (blog.rust-lang.org)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
403
1
RedNovember Targets Government, Defense, and Technology Organizations (assets.recordedfuture.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
404
10
Tea continued - Unauthenticated access to 150+ Firebase databases, storage buckets and secrets (ice0.blog)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
405
1
ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices (www.cisa.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
406
2
DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception (www.welivesecurity.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
407
2
Inside Salt Typhoon: China’s State-Corporate Advanced Persistent Threat - DomainTools Investigations | DTI (dti.domaintools.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
408
1
NCSC warns of persistent malware campaign targeting Cisco devices (www.ncsc.gov.uk)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
409
2
Department of War Announces New Cybersecurity Risk Management Construct (www.war.gov)
submitted 1 month ago by digicat to c/blueteamsec
1 comments fedilink
410
4
Who is Salt Typhoon Really? Unraveling the Attribution Challenge (nattothoughts.substack.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
411
1
Project Rain:L1TF - This blog provides a detailed overview of the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older) (bughunters.google.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
412
1
COLDRIVER Adds BAITSWITCH and SIMPLEFIX (www.zscaler.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
413
2
Threat Intelligence Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors (cloud.google.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
414
3
Linux Kernel Runtime Guard (LKRG) 1.0 (Nullcon Berlin 2025) (www.openwall.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
415
5
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware (blog.lastpass.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
416
2
Ransomware Rising - Digital Front Lines (digitalfrontlines.io)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
417
2
Security advisory: command injection vulnerability (CVE-2025-59689) – email as a vector (docs.libraesva.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
418
2
How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking (blog.talosintelligence.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
419
2
The Evolution of RomCom (www.attackiq.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
420
2
NodeJS backdoors delivering proxyware and monetization schemes (medium.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
421
2
Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign (unit42.paloaltonetworks.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
422
2
Our plan for a more secure npm supply chain (github.blog)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
423
4
BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) - Quarkslab's blog (blog.quarkslab.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
424
6
U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area (www.secretservice.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
425
6
The Phantom Extension: Backdooring chrome through uncharted pathways (www.synacktiv.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›