"Blue Team Alerts" — @blueteamalerts Telegram-kanali

Blue Team Alerts

11 Mar, 23:17

Detecting and Mitigating the Apache Camel Vulnerability CVE-2025-27636
https://ift.tt/jt6oqwD

Discuss on Reddit: https://ift.tt/NYRzxZq
@blueteamalerts

Detecting and Mitigating the Apache Camel Vulnerability CVE-2025-27636 | Akamai

Akamai researchers have created detection scripts and additional details for the Apache Camel vulnerability CVE-2025-27636.

65 0 2

Blue Team Alerts

11 Mar, 17:18

Malware IOC - SavageLadyBug - AnubisBackdoor
https://ift.tt/iMJHj8q

Discuss on Reddit: https://ift.tt/hPkAY1G
@blueteamalerts

malware-ioc/SavageLadybug/AnubisBackdoor.md at master · prodaft/malware-ioc

This repository contains indicators of compromise (IOCs) of our various investigations. - prodaft/malware-ioc

568 0 4 1

What do you use for threat intel social media monitoring?
I found this thread from 6 years ago, talking about how TweetDeck was superb for monitoring cybernews (back when it was free, better days) and how to set it up. Now, TweetDeck is paid for - and even if we did pay for it, many people have left for Bluesky, Mastodon and Threads.The problem is finding a panel that can capture all of these sources. Mastodon isn't hard for porting through Twitter (sorry, X), as you get some websites, e.g. x.good.news, that bridge over tweets from over there to Mastodon. That would save paying for a Twitter API key. Even without that, three other websites as social media sources isn't particularly bad.My question is, what do you & your teams use for social media threat intelligence right now? Do you now pay to carry on using TweetDeck, or are there other solutions being used?

Discuss on Reddit: https://ift.tt/vtIYgq0
@blueteamalerts

From the SecurityBlueTeam community on Reddit

Explore this post and more from the SecurityBlueTeam community

244 0 0 1

Blue Team Alerts

11 Mar, 08:17

Internet Crime Complaint Center (IC3) | Beijing Leveraging Freelance Hackers and Information Security Companies to Compromise Computer Networks Worldwide
https://ift.tt/j0hNxov

Discuss on Reddit: https://ift.tt/cgQnqhB
@blueteamalerts

323 0 2

Blue Team Alerts

10 Mar, 23:18

Unraveling Time: A Deep Dive into TTD Instruction Emulation Bugs
https://ift.tt/XglpukB

Discuss on Reddit: https://ift.tt/pMH9Ihw
@blueteamalerts

Unraveling Time: A Deep Dive into TTD Instruction Emulation Bugs | Google Cloud Blog

A deep technical dive into the intricacies of instruction emulation within Microsoft's Time Travel Debugging (TTD) framework.

386 0 2

Blue Team Alerts

10 Mar, 23:18

AI Agents in Security Operations
Hey channelSo, I've been doing alot of research and brainstorming Also attended countless webinars on AI and how it affects Cybersecurity So here's my current question, what areas do you think AI agents would optimize the SOC of any organisation?I'm open to ideas...

Discuss on Reddit: https://ift.tt/I7Oel9H
@blueteamalerts

From the blueteamsec community on Reddit

Explore this post and more from the blueteamsec community

356 0 3

Blue Team Alerts

10 Mar, 10:17

Compromising Threat Actor Communications
I recently "compromised" a threat actors Telegram based C2 channel that was used for exfiltration of stolen data from the Nova infostealer. The threat actor stupidly tested their infostealing malware on their OWN production "hacking" box. From this, I was able to gather 100+ screenshots & keylogs from the threat actors desktop - which exposed the campaigns he was performing, additional infrastructure he owned & lots of his plaintext credentials!Writeup of the compromise of communications & analysis of threat actor campaigns: https://polygonben.github.io/malware%20analysis/Compromising-Threat-Actor-Communications/Malware analysis of the Nova sample associated with this threat actor:https://polygonben.github.io/malware%20analysis/Nova-Analysis/

Discuss on Reddit: https://ift.tt/LipBHIk
@blueteamalerts

Compromising Threat Actor Communications

Traditionally, the vast majority of malware would communicate to a threat actor owned server via a threat actor owned domain or IP address. This domain or IP would likely be hardcoded within the malware sample somewhere, such that when executed, it would reach out to establish Command and Control (C...

409 0 10

Blue Team Alerts

10 Mar, 09:17

Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data
https://ift.tt/qR6reSd

Discuss on Reddit: https://ift.tt/PhD0aLB
@blueteamalerts

Texas Man Convicted of Sabotaging his Employer’s Computer Systems and

A federal jury in Cleveland convicted a Texas man today for writing and deploying malicious code on his former employer’s network.

373 0 2

Blue Team Alerts

10 Mar, 08:18

Unveiling EncryptHub: Analysis of a multi-stage malware campaign - "our investigation uncover[s] previously unseen aspects of their infrastructure, tooling, and behavioral patterns."
https://ift.tt/tP0RqBU

Discuss on Reddit: https://ift.tt/SlQuOvr
@blueteamalerts

Unveiling EncryptHub: Analysis of a multi-stage malware campaign

Learn what our threat intelligence researchers have uncovered about a new threat actor using multi-stage malware: EncryptHub.

361 0 4

Blue Team Alerts

10 Mar, 06:17

Elearnsecurity (eCIR exam) plz give me advice guys
HI guys, i do lot of labs in cyberdefenders. these are wireshark, splunk, elk labs. and i got BTL1 certificate 7-8 month ago, i want to know that am i ready for eCIR exam or not.
but i have one problem : i dont know how can i start the IR in exam, because there is not any questions.
CAN you you give me general advice about eCIR exam?

Discuss on Reddit: https://ift.tt/f3cYhPG
@blueteamalerts

From the blueteamsec community on Reddit

Explore this post and more from the blueteamsec community

364 0 3

Blue Team Alerts

9 Mar, 22:17

Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions
https://ift.tt/GEMjyiO

Discuss on Reddit: https://ift.tt/LCY3Ec8
@blueteamalerts

Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions | Google Cloud Blog

Guidance for investigating macOS intrusions where sophisticated threat actors are taking steps to hide their activity.

364 0 1

Blue Team Alerts

9 Mar, 18:17

CVE-2025-27607: Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency
https://ift.tt/67UKklc

Discuss on Reddit: https://ift.tt/uxkWUhG
@blueteamalerts

426 0 2

Blue Team Alerts

9 Mar, 18:17

Update: Stopping Cybercriminals from Abusing Cobalt Strike | Cobalt Strike - "Over the past two years, the number of unauthorized copies of Cobalt Strike observed in the wild has decreased by 80%" - including domain seizures as a tool
https://ift.tt/cLpN5WE

Discuss on Reddit: https://ift.tt/vVWOj2w
@blueteamalerts

Update: Stopping Cybercriminals from Abusing Cobalt Strike | Cobalt Strike

Updates on the joint efforts of Microsoft’s Digital Crimes Unit (DCU), Fortra, and Health-ISAC to combat the use of unauthorized, legacy copies of Cobalt Strike

400 0 1

Blue Team Alerts

9 Mar, 18:17

Using RDP without leaving traces: the MSTSC public mode
https://ift.tt/8NBv7t9

Discuss on Reddit: https://ift.tt/Qp8Yc2m
@blueteamalerts

Using RDP without leaving traces: the MSTSC public mode

Learn how MSTSC’s /public mode works! It blocks credential caching, session details, and bitmap storage, enhancing security. Discover its impact and how to reset MSTSC for a clean slate.

344 0 6

Blue Team Alerts

9 Mar, 16:17

100DaysOfKQL/Day 66 - Sysinternals Usage
https://ift.tt/wA25s6t

Discuss on Reddit: https://ift.tt/yqaBN5k
@blueteamalerts

DE-TH-Aura/100DaysOfKQL/Day 66 - Sysinternals Usage.md at main · SecurityAura/DE-TH-Aura

Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration). - SecurityAura/DE-TH-Aura

340 0 5

Blue Team Alerts

9 Mar, 15:17

Measuring the Success of Your Adversary Simulations
https://ift.tt/FneTNAM

Discuss on Reddit: https://ift.tt/L3dYUf7
@blueteamalerts

Measuring the Success of Your Adversary Simulations

318 0 2

Blue Team Alerts

9 Mar, 15:17

Kerberoasting w/o the TGS-REQ
https://ift.tt/I2Acek5

Discuss on Reddit: https://ift.tt/XJZFvap
@blueteamalerts

Kerberoasting w/o the TGS-REQ

Kerberoasting is a technique that allows an attacker to extract the encrypted part of a TGS-REP and brute force it offline to recover the plaintext password of the associated service account. The most common method of obtaining TGS-REPs is for the attacker to send TGS-REQs to the KDC for one

295 0 7

Blue Team Alerts

9 Mar, 14:17

RedExt: Chrome browser extension-based Command & Control
https://ift.tt/LaiX9IU

Discuss on Reddit: https://ift.tt/bsO2eEx
@blueteamalerts

GitHub - Darkrain2009/RedExt: Chrome browser extension-based Command & Control

Chrome browser extension-based Command & Control. Contribute to Darkrain2009/RedExt development by creating an account on GitHub.

293 0 6

Blue Team Alerts

9 Mar, 14:17

REverse_2025: UEFI Bootkit Hunting- In-Depth Search for Unique Code Behavior
https://ift.tt/6IavRBC

Discuss on Reddit: https://ift.tt/u7GJPyW
@blueteamalerts

Research_Publications/REverse_2025/UEFI Bootkit Hunting- In-Depth Search for Unique Code Behavior.pdf at main · binarly-io/Research_Publications

Contribute to binarly-io/Research_Publications development by creating an account on GitHub.

261 0 4

Blue Team Alerts

9 Mar, 14:17

100-Days-of-YARA-2025/Day67: Detects a Windows executable responsible for loading Sosano backdoor that is used by UNK_CraftyCamel based on strings
https://ift.tt/sB8ETck

Discuss on Reddit: https://ift.tt/qAHfMTJ
@blueteamalerts

100-Days-of-YARA-2025/Day67.yara at main · RustyNoob-619/100-Days-of-YARA-2025

100 Days of YARA is a challenge to write a YARA rule every day for 100 days - RustyNoob-619/100-Days-of-YARA-2025

247 0 5

TGStat Bot

Telegram Analytics

TGAlertsBot

SearcheeBot

Blue Team Alerts

Kanal geosi va tili

Toifa

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

Blue Team Alerts

10 858

Kanalda mashhur

Sayt tili

TGStat Bot

Telegram Analytics

TGAlertsBot

SearcheeBot

Blue Team Alerts

Kanal geosi va tili

Toifa

10 858

Kanalda mashhur