r/blueteamsec

: "Flying Under the Radar: Abusing GitHub for Malicious Infrastructure"

: "Microsoft, HPE hacks by Russia are just the tip of the iceberg - Microsoft said late Thursday that it had found more victims and was in the process of notifying them."

: "BobTheSmuggler: "Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt and then hides inside PNG/GIF image file format (Image Polyglots)"

: "Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes"

: "Symon 15.12 is out now"

: "Anydesk potential code signing certificate breach"

: "deluder: Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡"

: "How We Were Able to Infiltrate Attacker Telegram Bots"

: "AnyDesk Incident Response 2-2-2024"

: "An introduction to reverse engineering .NET AOT applications - AOT compilation was used by DuckTail out of Vietnam"

: "Prevent credential exposure with OIDC for GitHub Actions"

: "High Fidelity LDAP alerting"

: "Ultimate-RAT-Collection: For educational purposes only, samples of old & new malware builders including screenshots!"

: "CTO at NCSC Summary: week ending February 4th"