blueteamsec

434 readers
9 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat
listing: all - local
101
2
The 26th Annual Hawke Lecture: Counting and countering the cost of espionage - "Often it’s a combination of both, where cyber-espionage enables in-person espionage or in-person espionage begets cyber- (www.asio.gov.au)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
102
2
OpenImporter: Middleware utility for enriching and uploading data gathered with arbitrary collectors to more effectively map to existing Bloodhound database objects. (github.com)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
103
4
Exploiting the Synology TC500 at Pwn2Own Ireland 2024 (blog.infosectcbr.com.au)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
104
4
When Privileged Access Falls into the Wrong Hands: Chinese Companies in Microsoft’s MAPP Program (nattothoughts.substack.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
105
5
RingReaper: Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls. (github.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
106
3
Naming country linked to UNC3886 attack not in Singapore’s best interest at this point in time: Shanmugam (www.channelnewsasia.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
107
3
XWorm V6: 高度な回避機能と AMSI バイパス機能が明らかに - XWorm V6: Advanced Evasion and AMSI Bypass Capabilities Revealed (www.netskope.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
108
3
autoswagger: Autoswagger by Intruder - detect API auth weaknesses (github.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
109
3
ICANN writes letter to Web Commerce Communications Limited dba WebNic.cc for not dealing with DNS domain abuse reports (www.icann.org)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
110
3
Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing (www.proofpoint.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
111
3
Attackers abusing Proofpoint & Intermedia link wrapping to deliver phishing payloads (www.cloudflare.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
112
3
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats (www.microsoft.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
113
2
Let’s Be Objective: A Deep Dive into 0bj3ctivityStealer's Features (www.trellix.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
114
2
2025 GenAI Code Security Report: ASSESSING THE SECURITY OF USING LLMS FOR CODING (www.veracode.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
115
2
machofile: machofile is a module to parse Mach-O binary files (github.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
116
1
Beyond the Patch: SharePoint Exploits and the Hidden Threat of IIS Module Persistence (www.splunk.com)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
117
1
Hunting for Secrets in Plain Sight: Leveraging Internal Logging and Monitoring Services (www.praetorian.com)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
118
1
UNC2891 Bank Heist: Physical ATM Backdoor & Linux Forensic Evasion Evasion (www.group-ib.com)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
119
1
#OFTW v3.0 - 'Objective for the We' v3.0 - London, July 2025 - slides and videos (objective-see.org)
submitted 5 days ago by digicat to c/blueteamsec
0 comments fedilink
120
2
CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure (www.cisa.gov)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
121
1
From Georgia to Ukraine: Seventeen Years of Russian Cyber Capabilities at War - Modern War Institute (mwi.westpoint.edu)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
122
1
Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations (research.checkpoint.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
123
1
What Comes After Detection Rules? Smarter Detection Strategies in ATT&CK (medium.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
124
0
Early Warning Signals: When Attacker Behavior Precedes New Vulnerabilities (info.greynoise.io)
submitted 6 days ago* (last edited 5 days ago) by digicat to c/blueteamsec
1 comments fedilink
125
-2
Warren is an open-source security alert management system that automates the tedious parts of alert triage. It ingests alerts from your existing tools, enriches them with AI and threat intelligence (github.com)
submitted 6 days ago by digicat to c/blueteamsec
0 comments fedilink
 
 

https://zenn.dev/mizutani/articles/secmon-warren

view more: ‹ prev next ›