blueteamsec

491 readers

17 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

76

3

New Botnet Emerges from the Shadows: NightshadeC2 (www.esentire.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

77

3

The Czech National Cyber and Information Security Agency issues warning about data transfer to and remote administration from China (nukib.gov.cz)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

78

1

Salesloft Third-Party Drift Integration Partners FAQ (9:00PM ET) (trust.salesloft.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

79

4

Critical SAP S/4HANA code injection vulnerability (CVE-2025-42957) exploited in the wild (securitybridge.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink

80

3

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows (blog.gitguardian.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

81

2

DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift (arxiv.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

82

2

The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again (arxiv.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

83

3

Breaking Diffusion with Cache: Exploiting Approximate Caches in Diffusion Models (arxiv.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink

84

1

[2508.20866] AI Agentic Vulnerability Injection And Transformation with Optimized Reasoning (arxiv.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

85

2

Let's evaluate "The Iranian Internet Outage from the Perspective of Cyberspace" from the perspective of real cyberspace. (mp.weixin.qq.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

86

0

LLM-TIKG: Threat intelligence knowledge graph construction utilizing large language model (www.sciencedirect.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

87

2

ReDAN: An Empirical Study on Remote DoS Attacks against NAT Networks (www.ndss-symposium.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

88

5

CTO at NCSC Summary: week ending September 7th (ctoatncsc.substack.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

89

2

Inside the Kimsuky Leak: How the “Kim” Dump Exposed North Korea’s Credential Theft Playbook (dti.domaintools.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

90

2

Threat Actors Abuse Simplified AI to Steal Microsoft 365 Credentials (www.catonetworks.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

91

0

MeetC2 a.k.a Meeting C2 (medium.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

**

92

4

orsted: Orsted C2 Framework (github.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

93

12

Microsoft Used China-Based Engineers. - "internal work-tracking system that showed China-based employees recently fixing bugs for SharePoint “OnPrem,”" (www.propublica.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

94

2

ACM SIGCOMM 2025: Proceedings of the ACM SIGCOMM 2025 Conference (conferences.sigcomm.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

95

4

ACM SIGCOMM 2025: Proceedings of the Workshops (conferences.sigcomm.org)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

96

2

Operation BarrelFire: NoisyBear Targets Kazakhstan Oil & Gas (www.seqrite.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

97

4

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes (www.welivesecurity.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

98

1

From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure (www.recordedfuture.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

99

2

Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 (blog.cloudflare.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink

100

7

Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms (www.sentinelone.com)

submitted 1 week ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

0 comments fedilink