blueteamsec

557 readers

15 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

826

1

FANCY BEAR GONEPOSTAL – Espionage Tool Provides Backdoor Access to Microsoft Outlook (www.kroll.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

827

1

Break The Protective Shell Of Windows Defender With The Folder Redirect Technique (www.zerosalarium.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

828

2

H1 2025 Malware and Vulnerability Trends (www.recordedfuture.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

829

5

APT37: Rust Backdoor & Python Loader (www.zscaler.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

830

4

npm debug and chalk packages compromised (www.aikido.dev)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

831

1

Windows Internals: Secure Calls - The Bridge Between The NT Kernel and Secure Kernel (connormcgarr.github.io)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

832

4

Salt Typhoon and UNC4841: New Domains; Urges Defenders to Check Telemetry and Log Data (www.silentpush.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

833

1

«Плановое мероприятие»: в «КазМунайГазе» отрицают атаку российских хакеров - "Planned event": KazMunaiGas denies attack by Russian hackers - mistook a "planned security check" for a cyberattack. (orda.kz)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

834

6

From CVE Entries to Verifiable Exploits: An Automated Multi-Agent Framework for Reproducing CVEs (arxiv.org)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink

835

2

Microsoft Azure services disrupted by Red Sea cable cuts (www.bbc.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

836

6

Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter (blog.quarkslab.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

837

2

Update on Mandiant Drift and Salesloft Application Investigations (trust.salesloft.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

838

3

Bells Ringing in Dar es Salaam | Chollima Group (chollima-group.io)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

839

13

Qantas cyber attack: Chief executive punished with $278k pay cut (www.nzherald.co.nz)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

2 comments fedilink

840

4

Retrieving kernel process object addresses by exploiting a driver providing R/W to physical memory (github.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

841

4

A Playbook for Winning the Cyber War | Intelligence, National Security, and Technology Program | CSIS (www.csis.org)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

842

5

VulnRepairEval: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities (arxiv.org)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

843

2

dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE. (github.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

844

1

BugCheck 0xD1: Potential race condition in Teredo cleanup during flow teardown (medium.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

845

3

New Botnet Emerges from the Shadows: NightshadeC2 (www.esentire.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

846

3

The Czech National Cyber and Information Security Agency issues warning about data transfer to and remote administration from China (nukib.gov.cz)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

847

1

Salesloft Third-Party Drift Integration Partners FAQ (9:00PM ET) (trust.salesloft.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

848

4

Critical SAP S/4HANA code injection vulnerability (CVE-2025-42957) exploited in the wild (securitybridge.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink

849

4

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows (blog.gitguardian.com)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

850

2

DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift (arxiv.org)

submitted 2 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink