blueteamsec

556 readers
9 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
digicat@infosec.pub
listing: all - local
476
1
Microsoft Events Leak, Part I: Leaking Event Registration and Waitlist Databases - now fixed (blog.faav.top)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
477
8
CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code (www.legitsecurity.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
478
2
175 Malicious npm Packages Host Phishing Infrastructure Targeting 135+ - 26k+ downloads - used unpkg CDN to host redirect scripts for a credential-phishing campaign (socket.dev)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
479
5
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability - Oct 7th - another one (www.zerodayinitiative.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
480
2
Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw (www.huntress.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
481
2
Security Bulletin: NVIDIA GPU Display Drivers - October 2025 - multiple Linux privilege escalations likely impacting shared model training environments (nvidia.custhelp.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
482
2
APT | 海莲花组织Havoc远控木马分析 - APT | Analysis of the OceanLotus Havoc Remote Access Trojan (mp.weixin.qq.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
483
8
100,000+ IP Botnet Launches Coordinated RDP Attack Wave Against US Infrastructure (www.greynoise.io)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
1 comments fedilink
484
2
2025年に確認されたBlackTechのマルウェアKivarsの亜種 – A variant of BlackTech's Kivars malware discovered in 2025 (sect.iij.ad.jp)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
485
1
BatShadow’s Latest Play - Vietnamese Threat Group Uses Vampire Bot to Target Digital Professionals (www.aryaka.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
486
2
New Rust Malware "ChaosBot" Uses Discord for Command and Control (www.esentire.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
487
2
Analyzing and Breaking Defender for Endpoint's Cloud Communication (labs.infoguard.ch)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
488
2
A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research - Apple Security Research (security.apple.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
489
6
Widespread SonicWall SSLVPN Compromise - So far, over 100 SonicWall SSLVPN accounts across 16 customer accounts have been impacted. In the cases observed (www.huntress.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
490
4
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch (techcrunch.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
491
4
CTO at NCSC Summary: week ending October 12th (ctoatncsc.substack.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
492
4
Disrupting malicious uses of AI: October 2025 (openai.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
493
1
VehicleSec '25 Technical Sessions (www.usenix.org)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
494
2
Beyond the Alert: The Art and Science of Modern Detection Engineering. (medium.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
495
2
Lawfare Daily: The State of the Spyware Industry (www.lawfaremedia.org)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
496
5
A survey on malware attacks in industrial air-gap systems (link.springer.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
497
2
BYOVD to the next level (part 2) — rootkit like it's 2025 (blog.quarkslab.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
498
3
Attackers Actively Exploiting Critical Vulnerability in Service Finder Bookings Plugin (www.wordfence.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
499
10
Investigating targeted “payroll pirate” attacks affecting US universities (www.microsoft.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
500
2
Velociraptor leveraged in ransomware attacks (blog.talosintelligence.com)
submitted 1 month ago by digicat@infosec.pub to c/blueteamsec@infosec.pub
0 comments fedilink
view more: ‹ prev next ›