/r/blueteamsec

Year:

A comprehensive threat profile on Leviathan, a Chinese-sponsored cyberespionage group, notorious for its sophisticated campaigns targeting both individuals and global entities.

7 upvotes • jnazario

Mark as read: Add to a list

CVE-2024-38054: pool overflow bug in the ksthunk.sys driver on Windows

7 upvotes • digicat

Mark as read: Add to a list

Microsoft Defender Antivirus event IDs and error codes - Event ID 5001 - MALWAREPROTECTION_RTP_DISABLED Message: Real-time protection is disabled.

6 upvotes • digicat

Mark as read: Add to a list

dockerc: container image to single executable compiler

6 upvotes • digicat

Mark as read: Add to a list

Ireland's National Cyber Emergency Plan

6 upvotes • digicat

Mark as read: Add to a list

Critical Vulnerabilities in Cato Client - "a lightweight agent that provides secure zero-trust access to resources everywhere – on the Internet, SaaS, and Cloud or in your private data center

6 upvotes • digicat

Mark as read: Add to a list

CheckMesh: Hidden Threats in Your FW - Recently, we encountered an exceptionally advanced cyber-attack targeting an Israeli enterprise utilizing a Check Point firewall. Dubbed as CheckMesh, for obvious reason the attack successfully deploys & executes a Mesh agent on the CheckPoint firewall Linux

6 upvotes • digicat

Mark as read: Add to a list

CNEXT (CVE-2024-2961) + CosmicSting (CVE-2024-34102): RCE on Magento 2.4.7

6 upvotes • digicat

Mark as read: Add to a list

Turning the screws: The pressure tactics of ransomware gangs

6 upvotes • jnazario

Mark as read: Add to a list

Latrodectus dropped by BR4

6 upvotes • digicat

Mark as read: Add to a list

Title	Upvotes	Author	Mark as read	Favorited	Rating	Add to a list
A comprehensive threat profile on Leviathan, a Chinese-sponsored cyberespionage group, notorious for its sophisticated campaigns targeting both individuals and global entities.	7	jnazario
CVE-2024-38054: pool overflow bug in the ksthunk.sys driver on Windows	7	digicat
Microsoft Defender Antivirus event IDs and error codes - Event ID 5001 - MALWAREPROTECTION_RTP_DISABLED Message: Real-time protection is disabled.	6	digicat
dockerc: container image to single executable compiler	6	digicat
Ireland's National Cyber Emergency Plan	6	digicat
Critical Vulnerabilities in Cato Client - "a lightweight agent that provides secure zero-trust access to resources everywhere – on the Internet, SaaS, and Cloud or in your private data center	6	digicat
CheckMesh: Hidden Threats in Your FW - Recently, we encountered an exceptionally advanced cyber-attack targeting an Israeli enterprise utilizing a Check Point firewall. Dubbed as CheckMesh, for obvious reason the attack successfully deploys & executes a Mesh agent on the CheckPoint firewall Linux	6	digicat
CNEXT (CVE-2024-2961) + CosmicSting (CVE-2024-34102): RCE on Magento 2.4.7	6	digicat
Turning the screws: The pressure tactics of ransomware gangs	6	jnazario
Latrodectus dropped by BR4	6	digicat