CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

blueteamsec@infosec.exchange

@blueteamsec@infosec.exchange

Topics

B

Phantom-Evasion-Loader: a standalone, pure x64 Assembly injection engine engineered to minimize the detection surface of modern EDR/XDR solutions and Kernel-level monitors like Falco (eBPF).
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Phantom-Evasion-Loader: a standalone, pure x64 Assembly injection engine engineered to minimize the detection surface of modern EDR/XDR solutions and Kernel-level monitors like Falco (eBPF). https://infosec.pub/post/44946560 [https://infosec.pub/u/digicat] #blueteamsec
B

KSLDBYOVDARK: Abusing Some Defects in KSLD Ark driver https://infosec.pub/post/44889082 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

KSLDBYOVDARK: Abusing Some Defects in KSLD Ark driver https://infosec.pub/post/44889082 [https://infosec.pub/u/digicat] #blueteamsec
B

EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users https://infosec.pub/post/44826435 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users https://infosec.pub/post/44826435 [https://infosec.pub/u/digicat] #blueteamsec
B

Adobe eeleased a security update for Adobe Acrobat and Reader for Windows/macOS.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Adobe eeleased a security update for Adobe Acrobat and Reader for Windows/macOS. Successful exploitation leads to code execution. Adobe is aware of CVE-2026-34621 being exploited https://infosec.pub/post/44826773 [https://infosec.pub/u/digicat] #blueteamsec
B

Adobe Reader zero-day vulnerability in active exploitation https://infosec.pub/post/44826428 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Adobe Reader zero-day vulnerability in active exploitation https://infosec.pub/post/44826428 [https://infosec.pub/u/digicat] #blueteamsec
B

Protecting Cookies with Device Bound Session Credentials https://infosec.pub/post/44825439 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Protecting Cookies with Device Bound Session Credentials https://infosec.pub/post/44825439 [https://infosec.pub/u/digicat] #blueteamsec
B

HWMonitor and CPU-Z downloads hijacked to deliver malware to users https://infosec.pub/post/44825387 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

HWMonitor and CPU-Z downloads hijacked to deliver malware to users https://infosec.pub/post/44825387 [https://infosec.pub/u/digicat] #blueteamsec
B

windbg-mcp: An MCP (Model Context Protocol) server that turns all pybag Windows debugger functions into native MCP tools.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

windbg-mcp: An MCP (Model Context Protocol) server that turns all pybag Windows debugger functions into native MCP tools. control user-mode processes, kernel sessions, and crash dump an https://infosec.pub/post/44296863 [https://infosec.pub/u/digicat] #blueteamsec
B

The Offense Death Cycle: Proactive Environmental Control as a Method of Persistent Cyber Defense https://infosec.pub/post/44293275 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

The Offense Death Cycle: Proactive Environmental Control as a Method of Persistent Cyber Defense https://infosec.pub/post/44293275 [https://infosec.pub/u/digicat] #blueteamsec
B

Supply Chain Attack on Axios Pulls Malicious Dependency from npm https://infosec.pub/post/44245267 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Supply Chain Attack on Axios Pulls Malicious Dependency from npm https://infosec.pub/post/44245267 [https://infosec.pub/u/digicat] #blueteamsec
B

Drifter: C2 traffic dressed as camera management https://infosec.pub/post/44214583 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Drifter: C2 traffic dressed as camera management https://infosec.pub/post/44214583 [https://infosec.pub/u/digicat] #blueteamsec
B

Unwind Data Can't Sleep - Introducing InsomniacUnwinding https://infosec.pub/post/44214642 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Unwind Data Can't Sleep - Introducing InsomniacUnwinding https://infosec.pub/post/44214642 [https://infosec.pub/u/digicat] #blueteamsec
B

ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime https://infosec.pub/post/44214635 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime https://infosec.pub/post/44214635 [https://infosec.pub/u/digicat] #blueteamsec
B

New widespread EvilTokens kit: device code phishing as-a-service - Part 1 https://infosec.pub/post/44214577 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

New widespread EvilTokens kit: device code phishing as-a-service - Part 1 https://infosec.pub/post/44214577 [https://infosec.pub/u/digicat] #blueteamsec
B

threat-modeling-mcp-server: A Model Context Protocol (MCP) server for comprehensive threat modeling with automatic code validation.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

threat-modeling-mcp-server: A Model Context Protocol (MCP) server for comprehensive threat modeling with automatic code validation. https://infosec.pub/post/44167917 [https://infosec.pub/u/digicat] #blueteamsec
B

K000156741: F5 BIG-IP APM vulnerability CVE-2025-53521 - from October - K000160486: Indicators of Compromise for c05d5254 from March https://infosec.pub/post/44104816 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

K000156741: F5 BIG-IP APM vulnerability CVE-2025-53521 - from October - K000160486: Indicators of Compromise for c05d5254 from March https://infosec.pub/post/44104816 [https://infosec.pub/u/digicat] #blueteamsec
B

gh-safe-repo: Python CLI that creates GitHub repos with safe defaults — branch protection, Dependabot, secret scanning, and pre-flight security scanning — applied automatically.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

gh-safe-repo: Python CLI that creates GitHub repos with safe defaults — branch protection, Dependabot, secret scanning, and pre-flight security scanning — applied automatically. https://infosec.pub/post/44104770 [https://infosec.pub/u/digicat] #blueteamsec
B

Advancing Windows driver security: Removing trust for the cross-signed driver program https://infosec.pub/post/44103144 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Advancing Windows driver security: Removing trust for the cross-signed driver program https://infosec.pub/post/44103144 [https://infosec.pub/u/digicat] #blueteamsec
B

Under CTRL: Dissecting a Previously Undocumented Russian
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Under CTRL: Dissecting a Previously Undocumented Russian .Net Access Framework https://infosec.pub/post/44103202 [https://infosec.pub/u/digicat] #blueteamsec
B

Weaponizing Legitimate Low-Level Tools: How Ransomware Evades Antivirus Protections https://infosec.pub/post/44103193 [https://infosec.pub/u/digicat] #blueteamsec
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized blueteamsec
1

0 Votes

1 Posts

0 Views

B

Weaponizing Legitimate Low-Level Tools: How Ransomware Evades Antivirus Protections https://infosec.pub/post/44103193 [https://infosec.pub/u/digicat] #blueteamsec