blueteamsec

552 readers

18 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

76

1

WSUS 원격 코드 실행 취약점(CVE-2025-59287)을 악용한 ShadowPad 공격 사례 분석 - APT Malware Analysis of a ShadowPad attack exploiting the WSUS remote code execution vulnerability (CVE-2025-59287) (asec.ahnlab.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

77

1

Microsoft Defender for Endpoint Internal 0x06 — Custom Collection (medium.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

78

1

APT24's Pivot to Multi-Vector Attacks (cloud.google.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

79

1

Custom data collection in Microsoft Defender for Endpoint - Microsoft Defender for Endpoint (learn.microsoft.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

80

1

Autumn Dragon: China-nexus APT Group Targets South East Asia (cyberarmor.tech)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

81

1

Interactive End-to-End Decompilation via Large Language Models (www.mdpi.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

82

1

The Tsundere botnet uses the Ethereum blockchain to infect its targets (securelist.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

83

3

SCCM Hierarchy Takeover via Entra Integration…Because of the Implication (specterops.io)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

84

1

Windows: Administrator Protection RAiLaunchAdminProcess Application Name EoP (project-zero.issues.chromium.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

85

1

Security Advisory: Unusual Activity Related to Gainsight Applications (status.salesforce.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

86

1

A Pain in the Mist: Navigating Operation DreamJob’s arsenal (www.orangecyberdefense.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

87

1

Nation-state actors bridging cyber and kinetic warfare (aws.amazon.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

88

1

Building the digital front line: Understanding big tech decision-making in Ukraine (www.atlanticcouncil.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

89

1

Pixnapping: Bringing Pixel Stealing out of the Stone Age on Android (www.pixnapping.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

90

1

Prepared Statements? Prepared to Be Vulnerable. (blog.mantrainfosec.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

91

3

Palo Alto Scanning Surges 40X in 24 Hours, Marking 90-Day High (www.greynoise.io)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

92

3

The Psychology Behind Effective Honey Tokens (deceptiq.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

93

5

Hey there! You are using WhatsApp: Enumerating Three Billion Accounts for Security and Privacy (github.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

94

2

Hackers Target Educational Institutions in Sumy Region and Government Bodies via Compromised Account - Ukraine (cip.gov.ua)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

95

1

AI-Orchestrated Attacks: Why Detection Speed Matters (deceptiq.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

96

2

Bulletproof Defense: Mitigating Risks From Bulletproof Hosting ProviderS (media.defense.gov)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

97

3

PlushDaemon compromises network devices for adversary-in-the-middle attacks (www.welivesecurity.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

98

3

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware (home.treasury.gov)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

99

3

China’s Cybersecurity Companies Advancing Offensive Cyber Capabilities Through Attack-Defense Labs (open.substack.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

100

2

Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers (www.cisa.gov)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink