#BlueTeam

6 days ago

BaseFortify CVE report page showing CVE-2026-28431 with CRITICAL 9.2 severity for insufficient permission checks in the Misskey platform.

Weakness: CWE-285 (Improper Authorization)

Misskey servers fail to properly enforce permission checks, allowing attackers to access data they should not be able to retrieve.

Impact:
• Unauthorized data access
• Potential data breach

#ThreatIntel #BlueTeam #Security

2 0 2 0

@citadelcysec.bsky.social

1 week ago

BaseFortify CVE report page showing CVE-2026-3630 with CRITICAL 9.8 severity score for a stack-based buffer overflow in Delta Electronics COMMGR2.

Product: Delta Electronics COMMGR2
Severity: CRITICAL (9.8)

The vulnerability is a stack-based buffer overflow where excessive input can overwrite adjacent memory on the stack.

Potential impact:
• Application crash
• System instability

#ThreatIntel #VulnerabilityManagement #BlueTeam #Security

0 0 1 0

Citadel Cybersec

1 week ago

Invite Only: A Threat Intelligence Investigation and Malware Analysis writeup A practical SOC analyst investigation of malicious hashes, phishing techniques, and malware delivery chains from the Invite Only TryHackMe…

New Cyber Threat Intelligence Write-Up 🔎

I investigated a suspicious artifact in a threat intel scenario — pivoting from IOCs to uncover malware behavior, infrastructure, and attacker activity.

#cybersecurity #threatintel #malwareanalysis #threathunting #socanalyst #infosec #dfir #blueteam

0 0 0 0

Disco Brian Davis

@discobriandavis.bsky.social

1 week ago

Come on now, Howard! They're just joshin' around like all cool white millionaire populist podcaster frat bros do!

They're on the #BlueTeam!

They're totally for *us*!, remember?

8 3 0 1

Democrats maintain House majority, winning Allegheny and Lehigh county special elections • Pennsylvania Capital-Star Tuesday’s elections were the 13th time House Democrats have defended their majority since winning control of the chamber for the first time in 12 years in 2022.

1 week ago

BaseFortify CVE report page showing CVE-2026-27441 with CRITICAL 9.5 severity score for OS command injection in SEPPmail Secure Email Gateway.

Product: SEPPmail Secure Email Gateway
Affected: Versions before 15.0.1

Weakness: CWE-78 (OS Command Injection)

User-controlled input from a PDF password can reach the OS command layer without sanitization, allowing command execution.

#ThreatIntel #VulnerabilityManagement #BlueTeam #Security

0 0 1 0

Daniel B. Kurz, M.A.

@danielkurz.bsky.social

1 week ago

Yes, the #IranWar is a major event, but #BlueTeam needs to also keep working for Dem Candidates. So far, so good. Next Special Election is Tues Mar 17

penncapital-star.com/campaigns-el...

1 0 0 0

sydney

@letswastetime.bsky.social

1 week ago

#threathunting #thrunting #cybersecurity #infosec #blueteam #securityoperations #PEAK #THORcollective

0 0 0 0

TechNadu

@technadu.com

1 week ago

Iranian Communications and Sensors Disrupted by US Cyber Command; Researchers Warn of Retaliatory Cyber Attacks While the U.S. Cyber Command's Iran operations disabled critical networks, cybersecurity researchers anticipate Iranian state-aligned personas' activity.

Full story:
www.technadu.com/iranian-comm...

For practitioners: How are you adjusting your threat models in light of geopolitical escalation?
#CyberWarfare #ThreatIntel #CriticalInfrastructure #Ransomware #BlueTeam

0 0 0 0

Futuristic Robert [KJ5ELX]

@0xf21d.bsky.social

2 weeks ago

It doesn't seem to me like the Iranian threat actors use anything super unique for initial access. Make sure your SOC is vigilant, informed, but don't go crazy. If you hyper focus you're gonna miss something not from Iranian threat actors.

#blueteam #cybersecurity #iran [2/2]

0 0 0 0

Futuristic Robert [KJ5ELX]

2 weeks ago

Technical summary:

Affected versions:
2.7.3.230719 – 2.8.4.250925

Weakness: CWE-494
Improper verification of downloaded executables.

Impact:
• Remote code execution
• Full system compromise
• Potential supply chain abuse

#ThreatIntel #VulnerabilityManagement #BlueTeam #Security

0 0 1 0

@0xf21d.bsky.social

2 weeks ago

Yes you should be concerned about Iranian threat actors. You should also be concerned about non-Iranian threat actors.

#cybersecurity #blueteam

0 0 0 0

IT-Connect

@it-connect.bsky.social

2 weeks ago

🔐 Sécu’ en bref : bien architecturer un système de journalisation selon l’#ANSSI

👉 Cet article résume les points clés du guide officiel de l’ANSSI, pour renforcer vos infrastructures #SI

🔗 www.it-connect.fr/secu-en-bref...

#Cybersecurity #Journalisation #Logs #SecOps #SIEM #BlueTeam

2 0 0 0

Austin

@aengelic.bsky.social

2 weeks ago

GitHub - Antonlovesdnb/ConstructingDefenseLab: Ludus range for the Constructing Defense Lab Ludus range for the Constructing Defense Lab. Contribute to Antonlovesdnb/ConstructingDefenseLab development by creating an account on GitHub.

github.com/Antonlovesdn...

#RedTeam #BlueTeam #PurpleTeam

0 0 0 0

Citizen X

@iberianm.bsky.social

2 weeks ago

Hackers Weaponize Claude Code in Mexican Government Cyberattack Attackers reportedly used an AI coding assistant in a government cyberattack.

SecurityWeek says attackers abused an AI coding assistant in a Mexican government breach. Defenders: restrict AI egress, segment repos, and monitor anomalous automated code. #CyberSecurity #BlueTeam

www.securityweek.com/hackers-weaponize-claude...

2 0 0 0

CyberWarFare Labs

@cyberwarfarelabs.bsky.social

2 weeks ago

🚨 FREE LIVE WEBINAR 🚨Want to level up your SOC skills? Learn how to correlate logs, map attacks, and detect threats like a pro.

👉🏻 Register now: forms.gle/Srgu1WJAax5m...

#CyberSecurity #SOCAnalyst #LogCorrelation #ThreatDetection #BlueTeam #CyberWebinar #SIEM #IncidentResponse #CWL

0 0 0 0

@grimmsgadgets.bsky.social

2 weeks ago

GitHub - grimmsgadgets-cmyk/ActorWatch: A lightweight threat actor lookup tool that turns reporting into a clear starting point for defensive review. A lightweight threat actor lookup tool that turns reporting into a clear starting point for defensive review. - grimmsgadgets-cmyk/ActorWatch

Shipped a big ActorWatch Community update: new built-in interface modes (Classic, Redraw, Bastion), immersive command-deck workflow, smarter mission console,cleaner analyst actions, and improved notes flow. #ThreatIntel #CTI #BlueTeam #AI github.com/grimmsgadget...

1 0 1 0

Achraf Dahech

@achraf-dh.bsky.social

2 weeks ago

🚨 CVSS 10.0 — Cisco SD-WAN zero-day

No credentials needed. One request = full admin on your SD-WAN fabric.

Exploited since 2023. All deployments affected.

Patch now. Restrict NETCONF access. Check logs back to 2023.

CVE-2026-20127 #CiscoSecurity #infosec #blueteam
Full brief → link in bio

2 0 0 0

Pen of Tentacles

@apolloniangasket.bsky.social

2 weeks ago

This is ominous.

No! No! No!

It’s go time motherfuckers!

#blueteam assemble!

1 0 0 0

TechNadu

@technadu.com

2 weeks ago

Threat Actors Leveraged Several Commercial AI Tools to Breach 600 FortiGate Firewalls A Russian-speaking threat actor leveraged AI to breach 600 FortiGate firewalls globally, targeting weak credentials rather than zero-day exploits.

Full report:
www.technadu.com/threat-actor...

Serious question for defenders:
Is AI primarily a productivity boost for security teams - or a force multiplier for attackers?
#CyberSecurity #FortiGate #ThreatIntelligence #BlueTeam #AI #NetworkSecurity

1 0 0 0

The DFIR Report

@thedfirreport.bsky.social

3 weeks ago

Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability…

🌟New report out today!🌟

Apache ActiveMQ Exploit Leads to LockBit Ransomware

Analysis and reporting completed by @malforsec, @lapadrino, and @PeteO.

🔊Audio: Available on Spotify, Apple, YouTube and more!

thedfirreport.com/2026/02/23/a...

#DFIR #DigitalForensics #BlueTeam

1 1 0 0

Thinkronicity ™

@thinkronicity.bsky.social

3 weeks ago

[Trends] [CTT] Deconstructing CVE-2026-1731 YouTube video by nuricaps

Further information as to that CVE 2026-1731
This is an eval server command abuse to get in and then jacking DNS queries for commands, sometimes in Base64 to obfuscate, as noted here.
#SparkRAT #BeyondTrust #cyber #CVE #RedTeam #BlueTeam #malware
youtu.be/nYqC0dTX1fg?...

0 0 0 0

Thinkronicity ™

@thinkronicity.bsky.social

3 weeks ago

GitHub - KeygraphHQ/shannon: Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark. Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark. - KeygraphHQ/shannon

#Shannon is an #OpenSource #PenTest tool by #KeygraphHQ for testing web applications for exploits before deploy & as a #CyberSecurity Professional. It is highly rated on #XBOW testing benchmarks. #ClaudeCode compatible.

#RedTeam #BlueTeam #Cyber #Malware #AIHacker
github.com/KeygraphHQ/s...

1 0 0 0

Thinkronicity ™

@thinkronicity.bsky.social

3 weeks ago

PentAGI overview YouTube video by VXControl

#PentAGI is a new #OpenSource by #VXcontrol penetration testing software for automated generation of reports and details from testing on the web and locally.

#GIT:
github.com/vxcontrol/pe...

#BlueTeam #RedTeam #CyberNews #CyberSecurity #PenTest #Cyber #
youtu.be/R70x5Ddzs1o?...

1 0 0 0

Pen of Tentacles

@apolloniangasket.bsky.social

3 weeks ago

Ok congress, it’s abundantly clear that he is completely off the rails and totally unfit! Do your job, nay your duty, and remove him immediately!! I would remind you that he has access to the button! Time to act on behalf of the world. Snap out of it and uphold the oaths you took!

#FDT #blueteam

0 0 0 0

3 weeks ago

CVE-2026-20817

Windows Error Reporting ALPC Elevation of Privilege - Proof-of-Concept exploit demonstrating local privilege escalation via WER service

github.com/oxfemale/CVE...

#dfir #redteam #blueteam #poc #windows #Pentesting

0 0 0 0

3 weeks ago

Mimikatz Missing Manual

His goal was to create the "Missing Manual" that explains not just the commands, but the why and the how of the Windows protocols being manipulated.

darkoperator.github.io/mimikatz-mis...

#redteam #blueteam #dfir #pentesting #mimikatz

0 0 0 0

3 weeks ago

More Powershell scripts for #blueteam were covered. This time we looked at Audit.ps1 for thorough endpoint analysis, and ADACLScan.ps1 for identifying DACL attacks

hackers-arise.com/powershell-f...

#dfir #powershell

0 0 0 0