blueteamsec

554 readers
15 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat@infosec.pub
listing: all - local
226
13
Meta is earning a fortune on a deluge of fraudulent ads, documents show (archive.ph)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
1 comments fedilink
227
2
New Kimsuky Malware “EndClient RAT”: First Technical Report and IOCs (www.0x0v1.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
228
7
China-linked Actors Maintain Focus on Organizations Influencing U.S. Policy (www.security.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
229
6
How an Attacker Drained $128M from Balancer Through Rounding Error Exploitation (research.checkpoint.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
230
3
Close Those Ports: Exploring Splashtop RMM and Relays (blog.axelarator.net)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
231
1
Malicious Infrastructure Finds Stability with aurologic GmbH (assets.recordedfuture.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
232
3
Spoofed numbers blocked in crackdown on scammers (www.gov.uk)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
1 comments fedilink
233
1
Cloud Backup Security Incident Investigation Complete and Strengthened Cyber Resilience (www.sonicwall.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
234
3
Crossed wires: a case study of Iranian espionage and attribution (www.proofpoint.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
235
2
This Research Investigates purely focuses on the Networks used by the Clop Ransomware Group during their infiltration at different victims. (theravenfile.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
236
2
Dissecting the Infection Chain: Technical Analysis of the Kimsuky JavaScript Dropper (blog.pulsedive.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
237
3
We share global infrastructure tracking techniques, tools to decrypt VShell communications, and insights into attacker behaviors to strengthen threat detection and incident response capabilities. (www.nviso.eu)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
238
3
NVISO analyzes VShell post-exploitation tool (www.nviso.eu)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
239
4
A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers (nattothoughts.substack.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
240
3
GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools (cloud.google.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
241
4
Russian Cybercrime & State Militarization: Marching Together in the Digital Age (analyst1.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
242
3
Defeating KASLR by Doing Nothing at All (googleprojectzero.blogspot.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
243
3
Treasury Sanctions DPRK Bankers and Institutions Involved in Laundering Cybercrime Proceeds and IT Worker Funds (home.treasury.gov)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
244
3
How RMM abuse fuelled Medusa & DragonForce attacks (zensec.co.uk)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
245
0
Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines (www.bitdefender.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
246
10
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (chicago.suntimes.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
247
1
Inside the attack chain: Threat activity targeting Azure Blob Storage (www.microsoft.com)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
248
3
Demystifying Zero Trust (www.ncsc.gov.uk)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
249
1
Using PAWs in OT environments (www.ncsc.gov.uk)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
250
3
Scaling Security Testing by Addressing the Reachability Gap (gpsapia.github.io)
submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
view more: ‹ prev next ›