blueteamsec

554 readers

25 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

251

1

Malicious Infrastructure Finds Stability with aurologic GmbH (assets.recordedfuture.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

252

3

Spoofed numbers blocked in crackdown on scammers (www.gov.uk)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink

253

1

Cloud Backup Security Incident Investigation Complete and Strengthened Cyber Resilience (www.sonicwall.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

254

3

Crossed wires: a case study of Iranian espionage and attribution (www.proofpoint.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

255

2

This Research Investigates purely focuses on the Networks used by the Clop Ransomware Group during their infiltration at different victims. (theravenfile.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

256

2

Dissecting the Infection Chain: Technical Analysis of the Kimsuky JavaScript Dropper (blog.pulsedive.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

257

3

We share global infrastructure tracking techniques, tools to decrypt VShell communications, and insights into attacker behaviors to strengthen threat detection and incident response capabilities. (www.nviso.eu)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

258

3

NVISO analyzes VShell post-exploitation tool (www.nviso.eu)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

259

4

A Researcher Came Knocking, and Taught China a Lesson in How to Manage Vulnerabilities -- and Researchers (nattothoughts.substack.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

260

3

GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools (cloud.google.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

261

4

Russian Cybercrime & State Militarization: Marching Together in the Digital Age (analyst1.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

262

3

Defeating KASLR by Doing Nothing at All (googleprojectzero.blogspot.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

263

3

Treasury Sanctions DPRK Bankers and Institutions Involved in Laundering Cybercrime Proceeds and IT Worker Funds (home.treasury.gov)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

264

3

How RMM abuse fuelled Medusa & DragonForce attacks (zensec.co.uk)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

265

0

Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines (www.bitdefender.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

266

10

Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (chicago.suntimes.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

267

1

Inside the attack chain: Threat activity targeting Azure Blob Storage (www.microsoft.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

268

3

Demystifying Zero Trust (www.ncsc.gov.uk)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

269

1

Using PAWs in OT environments (www.ncsc.gov.uk)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

270

3

Scaling Security Testing by Addressing the Reachability Gap (gpsapia.github.io)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

271

1

Graph Api Overwhelm (www.alphaf0x.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

272

2

RDSEED Failure on AMD “Zen 5” Processors (www.amd.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

273

3

Remote access, real cargo: cybercriminals targeting trucking and logistics (www.proofpoint.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

274

1

Drawn to Danger: Windows Graphics Vulnerabilities Lead to Remote Code Execution and Memory Exposure (research.checkpoint.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

275

2

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody (krebsonsecurity.com)

submitted 3 weeks ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink