All InfoSec / Cybersecurity News from For [Blue|Purple] Teams in Cyber Defence | allinfosecnews.com

Latest
Top

IceKube: Finding complex attack paths in Kubernetes clusters 16 hours ago | www.reddit.com

attack attack paths blueteamsec clusters +2

Icekube (bloodhound for Kubernetes) 1 day, 13 hours ago | www.reddit.com

Abusing .NET Core CLR Diagnostic Features (+ CVE-2023-33127) 1 day, 19 hours ago | www.reddit.com

abusing blueteamsec cve features

Identifying Suspected PrivateLoader Servers with Censys 1 day, 21 hours ago | www.reddit.com

blueteamsec censys privateloader servers

How do you make your developers care about security? 1 day, 23 hours ago | www.reddit.com

authentication aware best practices blueteamsec +10

NIST - Identify: Tools recommendation 2 days, 4 hours ago | www.reddit.com

asset blueteamsec compliance identify +11

Identifying Suspected PrivateLoader Servers with Censys 2 days, 20 hours ago | www.reddit.com

GPPDeception: This script generates a groups.xml file that mimics a real GPP to create a … 2 days, 23 hours ago | www.reddit.com

blueteamsec computers domain file +4

Really Useful Logging and Event Repository (RULER) Project: I was often coming across issues where … 3 days, 2 hours ago | www.reddit.com

applications blueteamsec coming event +8

Active Directory Hunting - Set up advanced monitoring with Sysmon and the Security Onion! 3 days, 15 hours ago | www.reddit.com

active directory advanced blueteamsec directory +5

Process Injection - Avoiding Kernel Triggered Memory Scans. 3 days, 17 hours ago | www.reddit.com

blueteamsec injection kernel memory +3

GnuTLS: timing sidechannel in RSA-PSK key exchange - A vulnerability was found that the response … 3 days, 20 hours ago | www.reddit.com

blueteamsec exchange found gnutls +9

AD-Canaries: The purpose of this project is to publish and maintain the deployment PowerShell script … 4 days, 3 hours ago | www.reddit.com

active directory blueteamsec deployment directory +5

The operator of a data recovery company who extorted 2.6 billion won from 730 hacking … 4 days, 3 hours ago | www.reddit.com

arrested blueteamsec data data recovery +2

Chinese hacker group was in the network of Dutch chip manufacturer NXP for years 4 days, 11 hours ago | www.reddit.com

blueteamsec chinese chinese hacker group chip +5

copacetic: 🧵 CLI tool for directly patching container images using reports from vulnerability scanners 5 days, 2 hours ago | www.reddit.com

blueteamsec cli container container images +7

Bluehat 2023 video 5 days, 6 hours ago | www.reddit.com

bluehat blueteamsec video

Spyware attack attempts on mobile devices of members of civil society discovered | SHARE Foundation 5 days, 6 hours ago | www.reddit.com

attack blueteamsec civil civil society +7

Fastly announces plans to block domain fronting in February 2024 5 days, 6 hours ago | www.reddit.com

block blueteamsec domain fastly +2

ETW internals for security research and forensics 6 days, 8 hours ago | www.reddit.com

blueteamsec forensics research security +1

Thanking the vulnerability research community with NCSC Challenge Coins 1 week ago | www.reddit.com

blueteamsec challenge community ncsc +3

[We evaluated] the security of the top three fingerprint sensors embedded in laptops and used … 1 week ago | www.reddit.com

authentication blueteamsec bypass embedded +12

Former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, … 1 week ago | www.reddit.com

blueteamsec business center chief +10

NTFS Timestamps on macOS 1 week, 1 day ago | www.reddit.com

blogs blueteamsec change file +6

Unveiling LummaC2 stealer’s novel Anti-Sandbox technique: Leveraging trigonometry for human behavior detection 1 week, 1 day ago | www.reddit.com

behavior detection blueteamsec detection human +6

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool 1 week, 1 day ago | www.reddit.com

blueteamsec directx java stealer +1

Velociraptor DEATHcon 2023 - Watch the video and / or walk through the lab descriptions … 1 week, 2 days ago | www.reddit.com

ask blueteamsec descriptions free +5

HavocExploit: A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc. 1 week, 2 days ago | www.reddit.com

authentication blueteamsec dos exploit +5

APT predictions 2024 1 week, 2 days ago | www.reddit.com

apt blueteamsec predictions

Threat Intelligence Malware Analysis: SolarMarker — To Jupyter and Back - SolarMarker uses process injection … 1 week, 3 days ago | www.reddit.com

analysis back blueteamsec data +13

DumpKernel-S1.ps1: Dumps the Kernel via SentinelOne 1 week, 3 days ago | www.reddit.com

blueteamsec kernel sentinelone

Program Agenda: 2023 FIRST Cyber Threat Intelligence Conference - TLP Clear presentations available now 1 week, 3 days ago | www.reddit.com

blueteamsec clear conference cyber +8

JA4+ for Zeek: This will add JA4+ fingerprints to zeek logs 1 week, 3 days ago | www.reddit.com

blueteamsec fingerprints logs zeek

Israeli Hacker-For-Hire Sentenced To 80 Months In Prison For Involvement In Massive Spearphishing Campaign 1 week, 4 days ago | www.reddit.com

blueteamsec campaign hacker hire +4

Hunting Sandworm Team’s TTPs 1 week, 4 days ago | www.reddit.com

blueteamsec hunting sandworm team +1

Ignite News: Augment your EDR with deception tactics to catch adversaries early 1 week, 5 days ago | www.reddit.com

adversaries blueteamsec catch deception +3

This tool will help you configure the Attack Surface Reduction rules in Microsoft Defender for … 1 week, 5 days ago | www.reddit.com

attack attack surface blueteamsec defender +6

The Swiss Knife - SystemBC | Coroxy 1 week, 5 days ago | www.reddit.com

blueteamsec knife systembc

APT29 attacks Embassies using CVE-2023-38831 1 week, 5 days ago | www.reddit.com

apt29 attacks blueteamsec cve +1

Keeping abreast with CVEs - what tools/services are available 1 week, 6 days ago | www.reddit.com

blueteamsec cve cves down +10

an Intel Ice Lake CPU vulnerability, we can effectively corrupt the RoB with redundant prefixes 1 week, 6 days ago | www.reddit.com

blueteamsec corrupt cpu cpu vulnerability +6

FBI Takedown: IPStorm Botnet Infrastructure Dismantled 1 week, 6 days ago | www.reddit.com

HostingHunter Series: CHANG WAY TECHNOLOGIES CO. LIMITED 1 week, 6 days ago | www.reddit.com

blueteamsec series technologies

TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities 2 weeks ago | www.reddit.com

blueteamsec entities government infection +4

CVE Watcher: Hunting Down CVEs Before the Patch Drops 2 weeks, 1 day ago | www.reddit.com

BlazeStealer - Python obfuscation traps targeting developers 2 weeks, 1 day ago | www.reddit.com

blueteamsec developers obfuscation python +1

The attack against Danish critical infrastructure: Report on the largest cyber attack against Danish critical … 2 weeks, 2 days ago | www.reddit.com

attack blueteamsec critical critical infrastructure +8

Okta Incident Response Notes and Threat Hunting in Okta 2 weeks, 2 days ago | www.reddit.com

blueteamsec hunting incident incident response +4

ChatGPT - IoC Analyzer 2 weeks, 3 days ago | www.reddit.com

blueteamsec chatgpt ioc

Demystifying Cobalt Strike’s “make_token” Command 2 weeks, 3 days ago | www.reddit.com

blueteamsec cobalt cobalt strike command +1

Cyber forensics training from Computer Incident Response Center Luxemburg 2 weeks, 4 days ago | www.reddit.com

blueteamsec center computer cyber +6

Modern Asian APT groups’ tactics, techniques and procedures (TTPs) 2 weeks, 4 days ago | www.reddit.com

apt apt groups blueteamsec procedures +4

Multi Source Analysis of Top MITRE ATT&CK Techniques 2 weeks, 5 days ago | www.reddit.com

analysis att blueteamsec mitre +2

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology 2 weeks, 5 days ago | www.reddit.com

attack blueteamsec novel operational +5

On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident 2 weeks, 6 days ago | www.reddit.com

blueteamsec incident logic november +3

SysAid On-Prem Software CVE-2023-47246 Vulnerability - SysAid 2 weeks, 6 days ago | www.reddit.com

blueteamsec cve cve-2023-47246 on-prem +3

Indian Journalists Targeted with State Intimidation and Spyware 2 weeks, 6 days ago | www.reddit.com

blueteamsec intimidation journalists spyware +1

Ransomware manager: Investigation into farnetwork, a threat actor linked to five strains of ransomware 2 weeks, 6 days ago | www.reddit.com

actor blueteamsec investigation manager +3

The Triforce of Initial Access 3 weeks ago | www.reddit.com

access blueteamsec initial access

Detecting DNS over HTTPS 3 weeks ago | www.reddit.com

blueteamsec dns dns over https https

Chinese hacker group was in the network of Dutch chip manufacturer NXP for years 4 days, 11 hours ago | www.reddit.com

blueteamsec chinese chinese hacker group chip +5

AD-Canaries: The purpose of this project is to publish and maintain the deployment PowerShell script … 4 days, 3 hours ago | www.reddit.com

active directory blueteamsec deployment directory +5

GPPDeception: This script generates a groups.xml file that mimics a real GPP to create a … 2 days, 23 hours ago | www.reddit.com

blueteamsec computers domain file +4

Active Directory Hunting - Set up advanced monitoring with Sysmon and the Security Onion! 3 days, 15 hours ago | www.reddit.com

active directory advanced blueteamsec directory +5

Process Injection - Avoiding Kernel Triggered Memory Scans. 3 days, 17 hours ago | www.reddit.com

blueteamsec injection kernel memory +3

How do you make your developers care about security? 1 day, 23 hours ago | www.reddit.com

authentication aware best practices blueteamsec +10

GnuTLS: timing sidechannel in RSA-PSK key exchange - A vulnerability was found that the response … 3 days, 20 hours ago | www.reddit.com

blueteamsec exchange found gnutls +9

ETW internals for security research and forensics 6 days, 8 hours ago | www.reddit.com

blueteamsec forensics research security +1

Fastly announces plans to block domain fronting in February 2024 5 days, 6 hours ago | www.reddit.com

block blueteamsec domain fastly +2

Really Useful Logging and Event Repository (RULER) Project: I was often coming across issues where … 3 days, 2 hours ago | www.reddit.com

applications blueteamsec coming event +8

The operator of a data recovery company who extorted 2.6 billion won from 730 hacking … 4 days, 3 hours ago | www.reddit.com

arrested blueteamsec data data recovery +2

Items published with this topic over the last 90 days.

Latest

IceKube: Finding complex attack paths in Kubernetes clusters 16 hours ago | www.reddit.com

attack attack paths blueteamsec clusters +2

Icekube (bloodhound for Kubernetes) 1 day, 13 hours ago | www.reddit.com

Abusing .NET Core CLR Diagnostic Features (+ CVE-2023-33127) 1 day, 19 hours ago | www.reddit.com

abusing blueteamsec cve features

Identifying Suspected PrivateLoader Servers with Censys 1 day, 21 hours ago | www.reddit.com

blueteamsec censys privateloader servers

How do you make your developers care about security? 1 day, 23 hours ago | www.reddit.com

authentication aware best practices blueteamsec +10

NIST - Identify: Tools recommendation 2 days, 4 hours ago | www.reddit.com

asset blueteamsec compliance identify +11

Identifying Suspected PrivateLoader Servers with Censys 2 days, 20 hours ago | www.reddit.com

GPPDeception: This script generates a groups.xml file that mimics a real GPP to create a … 2 days, 23 hours ago | www.reddit.com

blueteamsec computers domain file +4

Really Useful Logging and Event Repository (RULER) Project: I was often coming across issues where … 3 days, 2 hours ago | www.reddit.com

applications blueteamsec coming event +8

Active Directory Hunting - Set up advanced monitoring with Sysmon and the Security Onion! 3 days, 15 hours ago | www.reddit.com

active directory advanced blueteamsec directory +5

Process Injection - Avoiding Kernel Triggered Memory Scans. 3 days, 17 hours ago | www.reddit.com

blueteamsec injection kernel memory +3

GnuTLS: timing sidechannel in RSA-PSK key exchange - A vulnerability was found that the response … 3 days, 20 hours ago | www.reddit.com

blueteamsec exchange found gnutls +9

AD-Canaries: The purpose of this project is to publish and maintain the deployment PowerShell script … 4 days, 3 hours ago | www.reddit.com

active directory blueteamsec deployment directory +5

The operator of a data recovery company who extorted 2.6 billion won from 730 hacking … 4 days, 3 hours ago | www.reddit.com

arrested blueteamsec data data recovery +2

Chinese hacker group was in the network of Dutch chip manufacturer NXP for years 4 days, 11 hours ago | www.reddit.com

blueteamsec chinese chinese hacker group chip +5

copacetic: 🧵 CLI tool for directly patching container images using reports from vulnerability scanners 5 days, 2 hours ago | www.reddit.com

blueteamsec cli container container images +7

Bluehat 2023 video 5 days, 6 hours ago | www.reddit.com

bluehat blueteamsec video

Spyware attack attempts on mobile devices of members of civil society discovered | SHARE Foundation 5 days, 6 hours ago | www.reddit.com

attack blueteamsec civil civil society +7

Fastly announces plans to block domain fronting in February 2024 5 days, 6 hours ago | www.reddit.com

block blueteamsec domain fastly +2

ETW internals for security research and forensics 6 days, 8 hours ago | www.reddit.com

blueteamsec forensics research security +1

Thanking the vulnerability research community with NCSC Challenge Coins 1 week ago | www.reddit.com

blueteamsec challenge community ncsc +3

[We evaluated] the security of the top three fingerprint sensors embedded in laptops and used … 1 week ago | www.reddit.com

authentication blueteamsec bypass embedded +12

Former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, … 1 week ago | www.reddit.com

blueteamsec business center chief +10

NTFS Timestamps on macOS 1 week, 1 day ago | www.reddit.com

blogs blueteamsec change file +6

Unveiling LummaC2 stealer’s novel Anti-Sandbox technique: Leveraging trigonometry for human behavior detection 1 week, 1 day ago | www.reddit.com

behavior detection blueteamsec detection human +6

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool 1 week, 1 day ago | www.reddit.com

blueteamsec directx java stealer +1

Velociraptor DEATHcon 2023 - Watch the video and / or walk through the lab descriptions … 1 week, 2 days ago | www.reddit.com

ask blueteamsec descriptions free +5

HavocExploit: A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc. 1 week, 2 days ago | www.reddit.com

authentication blueteamsec dos exploit +5

APT predictions 2024 1 week, 2 days ago | www.reddit.com

apt blueteamsec predictions

Threat Intelligence Malware Analysis: SolarMarker — To Jupyter and Back - SolarMarker uses process injection … 1 week, 3 days ago | www.reddit.com

analysis back blueteamsec data +13

DumpKernel-S1.ps1: Dumps the Kernel via SentinelOne 1 week, 3 days ago | www.reddit.com

blueteamsec kernel sentinelone

Program Agenda: 2023 FIRST Cyber Threat Intelligence Conference - TLP Clear presentations available now 1 week, 3 days ago | www.reddit.com

blueteamsec clear conference cyber +8

JA4+ for Zeek: This will add JA4+ fingerprints to zeek logs 1 week, 3 days ago | www.reddit.com

blueteamsec fingerprints logs zeek

Israeli Hacker-For-Hire Sentenced To 80 Months In Prison For Involvement In Massive Spearphishing Campaign 1 week, 4 days ago | www.reddit.com

blueteamsec campaign hacker hire +4

Hunting Sandworm Team’s TTPs 1 week, 4 days ago | www.reddit.com

blueteamsec hunting sandworm team +1

Ignite News: Augment your EDR with deception tactics to catch adversaries early 1 week, 5 days ago | www.reddit.com

adversaries blueteamsec catch deception +3

This tool will help you configure the Attack Surface Reduction rules in Microsoft Defender for … 1 week, 5 days ago | www.reddit.com

attack attack surface blueteamsec defender +6

The Swiss Knife - SystemBC | Coroxy 1 week, 5 days ago | www.reddit.com

blueteamsec knife systembc

APT29 attacks Embassies using CVE-2023-38831 1 week, 5 days ago | www.reddit.com

apt29 attacks blueteamsec cve +1

Keeping abreast with CVEs - what tools/services are available 1 week, 6 days ago | www.reddit.com

blueteamsec cve cves down +10

an Intel Ice Lake CPU vulnerability, we can effectively corrupt the RoB with redundant prefixes 1 week, 6 days ago | www.reddit.com

blueteamsec corrupt cpu cpu vulnerability +6

FBI Takedown: IPStorm Botnet Infrastructure Dismantled 1 week, 6 days ago | www.reddit.com

HostingHunter Series: CHANG WAY TECHNOLOGIES CO. LIMITED 1 week, 6 days ago | www.reddit.com

blueteamsec series technologies

TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities 2 weeks ago | www.reddit.com

blueteamsec entities government infection +4

CVE Watcher: Hunting Down CVEs Before the Patch Drops 2 weeks, 1 day ago | www.reddit.com

BlazeStealer - Python obfuscation traps targeting developers 2 weeks, 1 day ago | www.reddit.com

blueteamsec developers obfuscation python +1

The attack against Danish critical infrastructure: Report on the largest cyber attack against Danish critical … 2 weeks, 2 days ago | www.reddit.com

attack blueteamsec critical critical infrastructure +8

Okta Incident Response Notes and Threat Hunting in Okta 2 weeks, 2 days ago | www.reddit.com

blueteamsec hunting incident incident response +4

ChatGPT - IoC Analyzer 2 weeks, 3 days ago | www.reddit.com

blueteamsec chatgpt ioc

Demystifying Cobalt Strike’s “make_token” Command 2 weeks, 3 days ago | www.reddit.com

blueteamsec cobalt cobalt strike command +1

Cyber forensics training from Computer Incident Response Center Luxemburg 2 weeks, 4 days ago | www.reddit.com

blueteamsec center computer cyber +6

Modern Asian APT groups’ tactics, techniques and procedures (TTPs) 2 weeks, 4 days ago | www.reddit.com

apt apt groups blueteamsec procedures +4

Multi Source Analysis of Top MITRE ATT&CK Techniques 2 weeks, 5 days ago | www.reddit.com

analysis att blueteamsec mitre +2

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology 2 weeks, 5 days ago | www.reddit.com

attack blueteamsec novel operational +5

On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident 2 weeks, 6 days ago | www.reddit.com

blueteamsec incident logic november +3

SysAid On-Prem Software CVE-2023-47246 Vulnerability - SysAid 2 weeks, 6 days ago | www.reddit.com

blueteamsec cve cve-2023-47246 on-prem +3

Indian Journalists Targeted with State Intimidation and Spyware 2 weeks, 6 days ago | www.reddit.com

blueteamsec intimidation journalists spyware +1

Ransomware manager: Investigation into farnetwork, a threat actor linked to five strains of ransomware 2 weeks, 6 days ago | www.reddit.com

actor blueteamsec investigation manager +3

The Triforce of Initial Access 3 weeks ago | www.reddit.com

access blueteamsec initial access

Detecting DNS over HTTPS 3 weeks ago | www.reddit.com

blueteamsec dns dns over https https

Top (last 7 days)

Chinese hacker group was in the network of Dutch chip manufacturer NXP for years 4 days, 11 hours ago | www.reddit.com

blueteamsec chinese chinese hacker group chip +5

AD-Canaries: The purpose of this project is to publish and maintain the deployment PowerShell script … 4 days, 3 hours ago | www.reddit.com

active directory blueteamsec deployment directory +5

GPPDeception: This script generates a groups.xml file that mimics a real GPP to create a … 2 days, 23 hours ago | www.reddit.com

blueteamsec computers domain file +4

Active Directory Hunting - Set up advanced monitoring with Sysmon and the Security Onion! 3 days, 15 hours ago | www.reddit.com

active directory advanced blueteamsec directory +5

Process Injection - Avoiding Kernel Triggered Memory Scans. 3 days, 17 hours ago | www.reddit.com

blueteamsec injection kernel memory +3

How do you make your developers care about security? 1 day, 23 hours ago | www.reddit.com

authentication aware best practices blueteamsec +10

GnuTLS: timing sidechannel in RSA-PSK key exchange - A vulnerability was found that the response … 3 days, 20 hours ago | www.reddit.com

blueteamsec exchange found gnutls +9

ETW internals for security research and forensics 6 days, 8 hours ago | www.reddit.com

blueteamsec forensics research security +1

Fastly announces plans to block domain fronting in February 2024 5 days, 6 hours ago | www.reddit.com

block blueteamsec domain fastly +2

Really Useful Logging and Event Repository (RULER) Project: I was often coming across issues where … 3 days, 2 hours ago | www.reddit.com

applications blueteamsec coming event +8

The operator of a data recovery company who extorted 2.6 billion won from 730 hacking … 4 days, 3 hours ago | www.reddit.com

arrested blueteamsec data data recovery +2

Security Analyst Consultant

@ Kalles Group | Seattle Area

View on infosec-jobs.com

Principal Engineer - SecEng (Prisma Cloud Application Security)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Privacy Officer BeNeLux

@ Wolters Kluwer | NLD - Alphen Aan Den Rijn

View on infosec-jobs.com

Senior Information Security Specialist :Threat Intelligence

@ NTT DATA | Johannesburg, South Africa

View on infosec-jobs.com

Cyber Security - SOC Analyst (L2)

@ WPP | Chennai

View on infosec-jobs.com

Cybersecurity Analyst - A&A Support

@ Maveris | Washington, District of Columbia, United States - Remote

View on infosec-jobs.com