blueteamsec

556 readers

9 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

651

2

Ransomware Rising - Digital Front Lines (digitalfrontlines.io)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

652

2

Security advisory: command injection vulnerability (CVE-2025-59689) – email as a vector (docs.libraesva.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

653

2

How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking (blog.talosintelligence.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

654

2

The Evolution of RomCom (www.attackiq.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

655

2

NodeJS backdoors delivering proxyware and monetization schemes (medium.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

656

2

Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign (unit42.paloaltonetworks.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

657

2

Our plan for a more secure npm supply chain (github.blog)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

658

4

BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) - Quarkslab's blog (blog.quarkslab.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

659

6

U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area (www.secretservice.gov)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

660

6

The Phantom Extension: Backdooring chrome through uncharted pathways (www.synacktiv.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

661

5

m0leCon 2025 (www.youtube.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

662

3

YiBackdoor: Linked to IcedID and Latrodectus | ThreatLabz (www.zscaler.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

663

4

CISA Shares Lessons Learned from an Incident Response Engagement (www.cisa.gov)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

664

5

firezone: Enterprise-ready zero-trust access platform built on WireGuard®. (github.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

665

1

[위협 분석] 성범죄자 고지 정보를 위장한 Kimsuky 공격 | 로그프레소 - Kimsuky Attack Disguised as Sex Offender Notification Information (logpresso.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

666

1

Defending Against the Evolving OAuth Attack Landscape (aadinternals.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

667

2

Cyber Threat Intelligence Communication & Reporting Techniques (bank-security.medium.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

668

2

CVE-2025-10035: Detection for CVE-2025-10035 via Nuclei (github.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

669

1

In-depth Analysis of the Encrypted Payloads in the Pseudo Hunter Github Repository (mp.weixin.qq.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

670

6

Infected Steam game downloads malware disguised as patch (www.gdatasoftware.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

671

1

Nimbus Manticore Deploys New Malware Targeting Europe (research.checkpoint.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

672

2

Elons (Proxima/Black Shadow related) ransomware attack via Oracle DBS External Jobs (labs.yarix.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

673

1

SystemBC – Bringing the Noise (blog.lumen.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

674

1

Deserialization Vulnerability in GoAnywhere MFT's License Servlet (www.fortra.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

675

3

Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks (arxiv.org)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink