blueteamsec

542 readers
7 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
376
5
IMDS Abused: Hunting Rare Behaviors to Uncover Exploits - we uncovered exploitation in the wild of a previously unknown zero-day vulnerability from insecure use of pandoc. (www.wiz.io)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
377
4
The PLA Goes Back to School: Mapping New Developments in China’s Military Cyber Education System (margin.re)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
378
3
Bookworm to Stately Taurus Using the Unit 42 Attribution Framework (unit42.paloaltonetworks.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
379
3
XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory (www.microsoft.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
380
4
Ollama Drama: Investigating the Prevalence of Ollama Open Instances (censys.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
381
4
First Malicious MCP in the Wild: The Postmark Backdoor That's Stealing Your Emails (www.koi.security)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
382
3
Hunting For PsExec.exe abuse (medium.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
383
2
crates.io: Malicious crates faster_log and async_println | Rust Blog (blog.rust-lang.org)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
384
1
RedNovember Targets Government, Defense, and Technology Organizations (assets.recordedfuture.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
385
10
Tea continued - Unauthenticated access to 150+ Firebase databases, storage buckets and secrets (ice0.blog)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
386
1
ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices (www.cisa.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
387
2
DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception (www.welivesecurity.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
388
2
Inside Salt Typhoon: China’s State-Corporate Advanced Persistent Threat - DomainTools Investigations | DTI (dti.domaintools.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
389
1
NCSC warns of persistent malware campaign targeting Cisco devices (www.ncsc.gov.uk)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
390
2
Department of War Announces New Cybersecurity Risk Management Construct (www.war.gov)
submitted 1 month ago by digicat to c/blueteamsec
1 comments fedilink
391
4
Who is Salt Typhoon Really? Unraveling the Attribution Challenge (nattothoughts.substack.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
392
1
Project Rain:L1TF - This blog provides a detailed overview of the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older) (bughunters.google.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
393
1
COLDRIVER Adds BAITSWITCH and SIMPLEFIX (www.zscaler.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
394
2
Threat Intelligence Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors (cloud.google.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
395
3
Linux Kernel Runtime Guard (LKRG) 1.0 (Nullcon Berlin 2025) (www.openwall.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
396
5
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware (blog.lastpass.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
397
2
Ransomware Rising - Digital Front Lines (digitalfrontlines.io)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
398
2
Security advisory: command injection vulnerability (CVE-2025-59689) – email as a vector (docs.libraesva.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
399
2
How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking (blog.talosintelligence.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
400
2
The Evolution of RomCom (www.attackiq.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›