Featuring demos and practical tips, this webinar, "Securing Mobile Payments: Protecting Digital Wallets and SoftPOS from Attacks," will help security professionals collaborate more effectively with development teams to build stronger protection strategies and better defend digital wallet and SoftPOS mobile apps against today’s most common threats.

Welcome to Attack & Defend!

Here we are again, investigating both red and blue team solutions to the dangers of the cybersecurity world. You'll find tutorials, best practices, tools, and a few other pointers to get you started on taking your next step. Make sure to check out the Humble Bundle deal listed below as well!

Check out the ongoing Top Ten MITRE ATT&CK threats of 2024 breakdown that has launched through our sister newsletter, the _secpro. But anyway, here's some of the biggest problems facing people inyour position today!

Cheers!
Austin Miller
Editor-in-Chief

Wysh Life Benefit allows any financial institution to offer free life insurance directly through their customers’ savings accounts. By embedding micro life insurance into deposit accounts, Life Benefit provides built-in financial protection that grows with account balances. It’s a simple, no-cost innovation that enhances loyalty, encourages deposits, and differentiates institutions in a competitive market. No paperwork. No medical exams. Just automatic coverage that provides peace of mind—without changing how customers bank.

DragonForce Claims Massive Breach at Co-op and M&S: A cybercriminal group named DragonForce has claimed responsibility for a significant cyberattack on the Co-op supermarket chain, alleging the theft of private information from 20 million Co-op members. The hackers reportedly accessed both customer and employee data, including member card numbers, personal contact information, and staff credentials. Initially, Co-op downplayed the incident, but later acknowledged the breach involved a significant amount of personal data. DragonForce also claimed involvement in cyberattacks on Marks & Spencer (M&S), which suffered a ransomware attack leading to online operations being paralyzed and significant financial losses.

AI's Dual Role in Cybersecurity Highlighted at RSAC 2025: At the RSA Conference 2025, discussions centered around the transformative impact of AI on cybersecurity. Experts highlighted both the risks and opportunities presented by AI. While adversaries are leveraging AI tools for research and phishing, defenders are exploring AI's potential in vulnerability discovery and malware analysis. The conference emphasized the need for standardized security frameworks and responsible AI adoption to outpace evolving cyber threats.

NATO's Locked Shields 2025: A Realistic Cyber Defense Exercise: NATO's Locked Shields 2025 exercise brought together participants from 21 countries to engage in realistic cyber defense scenarios. The event focused on areas such as red teaming, penetration testing, digital forensics, and situational awareness. By simulating real-world attack methods and technologies, the exercise aimed to enhance the resilience of member nations against cyber adversaries.

AI-Driven Red Teaming: Emerging Threats and Techniques: A recent scoping review examined the use of AI technologies in cybersecurity attacks, highlighting how AI can automate the process of penetrating targets and collecting sensitive data. The study identified various AI-driven cyberattack methods targeting sensitive data, systems, and social media profiles. The application of AI in cybercrime presents an increasing threat, emphasizing the need for red teams to understand and simulate these advanced attack models.

CyberAlly: Enhancing Blue Team Efficiency with AI: Researchers introduced CyberAlly, a knowledge graph-enhanced AI assistant designed to augment blue team capabilities during incident response. Integrated into a cyber range alongside an open-source SIEM platform, CyberAlly monitors alerts, tracks blue team actions, and suggests tailored mitigation recommendations based on insights from prior red vs. blue team exercises. This tool aims to equip defenders to tackle evolving threats with greater precision and confidence.

Vechus/ODC-challenges - A collection of offensive and defensive training resources, perfect for keeping you and your team sharp!

shr3ddersec/Shr3dKit - This tool kit that is very much influenced by infosecn1nja's kit. Use this script to grab majority of the repos.

lengjibo/FourEye - An AV Evasion tool for Red Team Ops.

Mathuiss/cyber_wolf - A tool for building offensive skills with firewalls.

jorge-333/Virtual-Machine-Home-Lab - …built for the purpose of studying, Installing, and configuring Switches, Routers, Firewalls, SIEMs, IPS's, and Offensive Security Tools.

Vechus/ODC-challenges - A collection of offensive and defensive training resources, perfect for keeping you and your team sharp!

awais922609/Defensive-Learning - This repo covers firewall configurations, SIEM deployment, and various other important defensive topics, giving you the tools to build up your defensive skills.

0xInfection/Awesome-WAF - A collection of the best resources for improving your firewall skills; potentially the best collection online!

Ekultek/WhatWaf - …and once you’ve mastered that, here’s a way to get around WAFs

racecloud/NetBlocker - A specific implementation of a firewall script that reads logs from various servers, validates against public databases with offensive hosts and adjusts a MikroTik firewall.

Red Team and Blue Team Fundamentals – JobSkillShare: This comprehensive PDF guide provides a structured approach to understanding the core principles of both red and blue team operations. It covers practical skills such as vulnerability exploitation, incident response, and threat detection, making it an excellent starting point for professionals aiming to enhance their offensive and defensive cybersecurity capabilities.

Navigating Red and Blue Team Collaboration: OffSec explores the dynamics between red and blue teams, emphasizing the importance of collaboration over competition. The article discusses how gamified exercises and real-world simulations can break down communication barriers, fostering a culture of continuous improvement and mutual respect between offensive and defensive teams.

Red, Blue, and Purple Teams: Combining Your Security Capabilities – SANS Institute: This white paper delves into the integration of red and blue teams through the concept of purple teaming. It outlines how combining offensive and defensive strategies can lead to more effective security outcomes, offering insights into team structures, communication, and shared objectives.

A Red and Blue Cybersecurity Competition Case Study: This academic study examines the effectiveness of cybersecurity competitions in enhancing the skills of both red and blue team members. It highlights how simulated attack scenarios in controlled environments can improve technical abilities, strategic thinking, and team coordination.

Blue Team Fundamentals: Roles and Tools in a Security Operations Center (PDF): This research paper provides an in-depth look at the roles and tools essential for blue team operations within a Security Operations Center (SOC). It offers valuable insights into the responsibilities of blue team members and the technologies they employ to detect and mitigate threats.