blueteamsec

476 readers
19 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago
MODERATORS
[email protected]
listing: all - local
151
2
APT-C-08(蔓灵花)组织新载荷披露 - APT-C-08 (Crane Spirit Flower) Organization's New Payload Revealed (mp.weixin.qq.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
152
2
StardustChollima/BlueNoroff盗取TG账号后发起ZoomClickFIX钓鱼 - StardustChollima/BlueNoroff stole TG accounts and launched ZoomClickFIX phishing attacks (mp.weixin.qq.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
153
2
AzureStrike: An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations (github.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
154
2
rpc2wc: RPC to WebClient startup - "Code for triggering WebClient through an RPC call. Since it did not end up panning out the code was never very cleaned up and very much remained in a PoC" (github.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
155
3
The Fragile Balance: Assumptions, Tuning, and Telemetry Limits In Detection Engineering (nasbench.medium.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
156
2
Silent Harvest: Extracting Windows Secrets Under the Radar (sud0ru.ghost.io)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
157
2
Hunting for Malware Networks (dti.domaintools.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
158
4
Slice: SAST + LLM Interprocedural Context Extractor (noperator.dev)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
159
4
phishurl-list: Phishing URL dataset from JPCERT/CC (github.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
160
3
Evolving Mule Tactics in the META Region (www.group-ib.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
161
4
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) - a reminder that Docker is not a security boundary (blog.qwertysecurity.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
162
4
AppLockerInspector: Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks. (github.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
163
4
Detailed Analysis of Phrack’s APT Down: The North Korea Files (s2w.inc)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
164
4
Weaponizing image scaling against production AI systems (blog.trailofbits.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
165
4
Scam Farms Marque and Reprisal Authorization Act of 2025 - authorize the President to issue letters of marque and reprisal with respect to acts of aggression against the United States (www.congress.gov)
submitted 1 week ago by [email protected] to c/[email protected]
1 comments fedilink
166
5
"Scamlexity": When Agentic AI Browsers Get Scammed (guard.io)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
167
5
CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device (medium.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
168
5
MCP vulnerability case study: SQL injection in the Postgres MCP server (securitylabs.datadoghq.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
169
4
MURKY PANDA: Trusted-Relationship Cloud Threat (www.crowdstrike.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
170
5
Microsoft Curbs Early Access for Chinese Firms to Notifications About Cybersecurity Flaws (archive.ph)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
171
5
Palm Coast Hacker Sentenced To 10 Years In Prison (www.justice.gov)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
172
5
Analysis of the GFW's Unconditional Port 443 Block on August 20, 2025 (gfw.report)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
173
3
The Department of Energy’s Unclassified Cybersecurity Program – 2024 (www.oversight.gov)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
174
2
GroupPolicyBackdoor: Group Policy Objects manipulation and exploitation framework (github.com)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
175
1
UAC-0057 keeps applying pressure on Ukraine and Poland (harfanglab.io)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
view more: ‹ prev next ›