blueteamsec

542 readers
5 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
1
3
CTO at NCSC Summary: week ending November 2nd (ctoatncsc.substack.com)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
2
4
A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers (nattothoughts.substack.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
3
4
Russian Cybercrime & State Militarization: Marching Together in the Digital Age (analyst1.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
4
3
We share global infrastructure tracking techniques, tools to decrypt VShell communications, and insights into attacker behaviors to strengthen threat detection and incident response capabilities. (www.nviso.eu)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
5
3
NVISO analyzes VShell post-exploitation tool (www.nviso.eu)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
6
3
GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools (cloud.google.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
7
3
Defeating KASLR by Doing Nothing at All (googleprojectzero.blogspot.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
8
3
Treasury Sanctions DPRK Bankers and Institutions Involved in Laundering Cybercrime Proceeds and IT Worker Funds (home.treasury.gov)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
9
3
How RMM abuse fuelled Medusa & DragonForce attacks (zensec.co.uk)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
10
2
This Research Investigates purely focuses on the Networks used by the Clop Ransomware Group during their infiltration at different victims. (theravenfile.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
11
2
Dissecting the Infection Chain: Technical Analysis of the Kimsuky JavaScript Dropper (blog.pulsedive.com)
submitted 7 hours ago by digicat to c/blueteamsec
0 comments fedilink
12
10
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (chicago.suntimes.com)
submitted 1 day ago by digicat to c/blueteamsec
0 comments fedilink
13
3
Demystifying Zero Trust (www.ncsc.gov.uk)
submitted 1 day ago by digicat to c/blueteamsec
0 comments fedilink
14
3
Scaling Security Testing by Addressing the Reachability Gap (gpsapia.github.io)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
15
1
Inside the attack chain: Threat activity targeting Azure Blob Storage (www.microsoft.com)
submitted 1 day ago by digicat to c/blueteamsec
0 comments fedilink
16
1
Using PAWs in OT environments (www.ncsc.gov.uk)
submitted 1 day ago by digicat to c/blueteamsec
0 comments fedilink
17
3
Remote access, real cargo: cybercriminals targeting trucking and logistics (www.proofpoint.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
18
2
RDSEED Failure on AMD “Zen 5” Processors (www.amd.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
19
0
Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines (www.bitdefender.com)
submitted 1 day ago by digicat to c/blueteamsec
0 comments fedilink
20
1
Graph Api Overwhelm (www.alphaf0x.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
21
11
Is Your Bluetooth Chip Leaking Secrets via RF Signals? (eprint.iacr.org)
submitted 4 days ago by digicat to c/blueteamsec
4 comments fedilink
22
10
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware (socket.dev)
submitted 4 days ago by digicat to c/blueteamsec
0 comments fedilink
23
2
Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody (krebsonsecurity.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
24
2
SilentButDeadly: SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). (github.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
25
4
Bypassing WiFi Client Isolation (pulsesecurity.co.nz)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
view more: next ›