r/blueteamsec bot
r-blueteamsec.bsky.social
Mirrors r/blueteamsec, "intelligence, research and engineering to help operational [blue|purple] teams defend their estates." Unofficial. Operated by @tweedge.net, open source @ https://github.com/tweedge/xpost-reddit-to-fediverse
The Guardians of Name Street: Studying the Defensive Registration Practices of the Fortune 500
fabianmonrose.github.io
November 23, 2025 at 6:39 PM
MuddyWater组织近期钓鱼攻击活动分析 - Analysis of MuddyWater's Recent Phishing Attacks
mp.weixin.qq.com
November 23, 2025 at 6:39 PM
CustomC2ChannelTemplate: template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
github.com
November 23, 2025 at 6:39 PM
GoDefender: Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
github.com
November 23, 2025 at 6:24 PM
多层隐匿载荷解密与驱动级致盲对抗手法分析丨游蛇(银狐)技战术追踪 - Deciphering Multi-Layer Hidden Loads and Analyzing Drive-Level Blinding Countermeasures | Tracking the Tactics and Techniques of the Silver Fox
mp.weixin.qq.com
November 23, 2025 at 6:24 PM
[2511.13548] ForgeDAN: An Evolutionary Framework for Jailbreaking Aligned Large Language Models
arxiv.org
November 23, 2025 at 6:24 PM
NSO seeks to overturn WhatsApp case, saying it is ‘catastrophic’ for the spyware maker
therecord.media
November 23, 2025 at 8:39 AM
Hunting Guide: Hunting For Suspicious Scheduled Tasks
www.talkincyber.com
November 23, 2025 at 5:24 AM
My First 24 Hours Running a DNS Honeypot
github.com
November 22, 2025 at 11:39 PM
Creating a YARA Repository
brkalbyrk.github.io
November 22, 2025 at 10:39 PM
Unfortunately, one of the three trustees has irretrievably lost their private key, an honest but unfortunate human mistake, and therefore cannot compute their decryption share
www.iacr.org
November 22, 2025 at 6:54 PM
Brazilian Campaign: Spreading the Malware via WhatsApp
labs.k7computing.com
November 22, 2025 at 6:39 PM
Start using Windows Autopatch
learn.microsoft.com
November 22, 2025 at 4:39 PM
UNC2891: ATM Threats Never Die - How a device small enough to fit in your pocket – a Raspberry Pi – became the key to infiltrating entire ATM networks
www.group-ib.com
November 22, 2025 at 12:54 PM
Fortinet published an advisory for CVE-2025-58034. It is an authenticated command injection vulnerability affecting FortiWeb. Fortinet and CISA have indicated that it has been exploited in the wild
attackerkb.com
November 22, 2025 at 12:39 PM
Native Sysmon functionality coming to Windows
techcommunity.microsoft.com
November 22, 2025 at 11:54 AM
Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets
dti.domaintools.com
November 22, 2025 at 10:24 AM
Made a tool to detect process injection
github.com
November 22, 2025 at 5:24 AM
Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
securityscorecard.com
November 21, 2025 at 9:24 PM
Microsoft Defender for Endpoint Internal 0x06 — Custom Collection
medium.com
November 21, 2025 at 3:39 PM
JA4D and JA4D6: DHCP Fingerprinting
foxio.io
November 21, 2025 at 1:09 PM
ENISA Sectorial Threat Landscape - Public Administration
www.enisa.europa.eu
November 21, 2025 at 8:39 AM
WSUS 원격 코드 실행 취약점(CVE-2025-59287)을 악용한 ShadowPad 공격 사례 분석 - APT Malware Analysis of a ShadowPad attack exploiting the WSUS remote code execution vulnerability (CVE-2025-59287)
asec.ahnlab.com
November 21, 2025 at 7:24 AM
Autumn Dragon: China-nexus APT Group Targets South East Asia
cyberarmor.tech
November 20, 2025 at 10:09 PM
A Pain in the Mist: Navigating Operation DreamJob’s arsenal
www.orangecyberdefense.com
November 20, 2025 at 9:24 PM