Alfie Champion
@ajpc500.bsky.social
Founder @ delivr.to | Threat Detection @ GitHub | Previously MWR
Reposted by Alfie Champion
It's here.

The latest iteration of our Top 10 includes the most important developments in initial access tradecraft; from macOS targeting of ClickFix, to Zip Smuggling, to QRLJacking.

Blog:
delivr.to’s Top 10 Payloads (July ‘25): FileFix, Zip Smuggling and QRLJacking
The fifth iteration of the delivr.to Top 10, including FileFix, Zip Smuggling and QRLJacking
blog.delivr.to
July 14, 2025 at 8:00 AM
With a process that began two and a half years ago, I'm very excited to announce that I've written a book with @nostarchpress.bsky.social! 🎉

"Practical Purple Teaming" tells you all you need to know to get started with collaborative offensive testing.

nostarch.com/purple-teaming
Practical Purple Teaming
This practical introduction to collaborative security testing, or “purple teaming,” is a hands-on, lab-based guide to key methodologies for cybersecurity practitioners in any field.
nostarch.com
March 13, 2025 at 9:43 AM
Reposted by Alfie Champion
⚠️ CVE-2025-21298 - A vuln in Windows could enable remote code execution via a crafted RTF file, just by the user previewing the file in Outlook

🛡️ We've added a POC to delivr.to to test deliverability: delivr.to/?id=d22c9632...

🔍 Detect RTFs with our Sublime rule: sublime.security/feeds/delivr...
Home | delivr.to
Bringing purple teaming to email. Emulate the latest offensive techniques to measure your stack's effectiveness, track improvement, and quantify the threats that can reach your users.
delivr.to
January 22, 2025 at 4:10 PM
Reposted by Alfie Champion
Twice a year we take a deep dive into the latest, notable tradecraft that has caught our attention in the world of phishing and initial access over the past six months. From Pastejacking, to image-less QR codes, to zip concatenation.

📚 Read our new Top 10: blog.delivr.to/delivr-tos-t...
December 19, 2024 at 9:00 AM
Reposted by Alfie Champion
@volexity.com’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target while the attacker was halfway around the world. 
 
Read more here: www.volexity.com/blog/2024/11...
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever w...
www.volexity.com
November 22, 2024 at 2:58 PM
Reposted by Alfie Champion
I made a Detection Engineering starter pack, will be adding more as more folks jump over to bluesky! go.bsky.app/HenXJUR
November 18, 2024 at 3:37 PM
New place, same content from delivr.to 🦋😁

This is a really simple, but effective, initial access technique for evading mail filtering and delivering blocked file types (the original sample straight-up delivers an EXE 👀). Great research from Perception Point!
Zip Concatenation 📦⚠️

A recent blog from Perception Point (perception-point.io/blog/evasive-c…) shows how actors are concatenating zip files to evade mail filters and deliver malicious content

🛡️ Test deliverability: delivr.to/?search=conc...
🔍 Detect with YARA: github.com/delivr-to/de...
🧵1/3
Evasive ZIP Concatenation: Trojan Targets Windows Users | Perception Point
Attackers exploit concatenated ZIP files, embedding malware that specifically targets users of certain tools to evade detection.
perception-point.io
November 15, 2024 at 10:10 AM
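Worked example of the zip concatenation trick described in the post above. This is added code, not delivr.to's tooling, Perception Point's samples or the linked YARA rule: it builds two complete ZIP archives in memory and appends one to the other, shows that Python's own zipfile module only reports the trailing archive (it locates the end-of-central-directory record from the end of the file, the same reason a scanner that reads from the front and a reader that starts from the back disagree about the contents), and then splits the blob on validated EOCD records so every embedded archive is surfaced. The decoy and payload entries (invoice.txt, invoice.exe with a fake MZ header) are constructed placeholders.

```python
"""Zip concatenation: build one, watch parsers disagree, and detect it.

Added example (not delivr.to's or Perception Point's code). The decoy and
payload archives are constructed inline; the file names are made up.
"""
import io
import struct
import zipfile

CD_SIG = b"PK\x01\x02"    # central directory file header
EOCD_SIG = b"PK\x05\x06"  # end of central directory record
EOCD_LEN = 22             # fixed part of the EOCD; an optional comment follows


def build_zip(entries):
    """Build one standalone ZIP archive in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def build_concatenated_zip(decoy, payload):
    """The technique: a complete second archive appended after a complete first one."""
    return build_zip(decoy) + build_zip(payload)


def parse_eocd(blob, off):
    """Decode the fixed EOCD fields starting at offset `off`."""
    (_sig, _disk, _cd_disk, _n_disk, n_total,
     cd_size, cd_offset, comment_len) = struct.unpack_from("<4sHHHHIIH", blob, off)
    return {"entries": n_total, "cd_size": cd_size,
            "cd_offset": cd_offset, "comment_len": comment_len}


def split_archives(blob):
    """Walk the blob front to back and return every self-consistent archive in it.

    A signature hit only counts as a real EOCD if the central directory it
    points to (offset relative to the current archive's start) ends exactly
    where the EOCD begins. Anything else is compressed data that happens to
    contain the byte pattern, and scanning simply continues.
    """
    archives, start, pos = [], 0, 0
    while True:
        off = blob.find(EOCD_SIG, pos)
        if off == -1 or off + EOCD_LEN > len(blob):
            break
        e = parse_eocd(blob, off)
        cd_abs = start + e["cd_offset"]
        if cd_abs + e["cd_size"] == off and blob[cd_abs:cd_abs + 4] == CD_SIG:
            end = off + EOCD_LEN + e["comment_len"]
            archives.append(blob[start:end])
            start = pos = end
        else:
            pos = off + 1
    return archives


def archive_names(archive_bytes):
    """Names a stock ZIP reader (here Python's zipfile) reports for these bytes."""
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        return zf.namelist()


def is_concatenated(blob):
    """Detection: more than one valid archive, or bytes left over after the last one."""
    parts = split_archives(blob)
    consumed = sum(len(p) for p in parts)
    return len(parts) > 1 or (len(parts) == 1 and consumed < len(blob))


if __name__ == "__main__":
    decoy = {"invoice.txt": b"Thanks for your order."}   # constructed decoy content
    payload = {"invoice.exe": b"MZ" + b"\x00" * 64}       # constructed stand-in for an EXE
    blob = build_concatenated_zip(decoy, payload)
    # zipfile finds the EOCD from the end, so it reports only the trailing archive
    print("zipfile sees:", archive_names(blob))
    for i, part in enumerate(split_archives(blob)):
        print(f"archive {i}:", archive_names(part))
    print("concatenated:", is_concatenated(blob))
```

The split uses the same offset arithmetic zipfile itself applies when it tolerates data prepended to an archive, which is why a gateway scanner must enumerate every archive it can reconstruct rather than trusting whichever one its own library happens to open.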