IT, cybersecurity, cybercrime, OSINT. i like running honeypots.
π‘οΈ Honeypot Attack Summary (last 24h)
π€ Usernames tried:
root (1,547), admin (203), oracle (71), user (47), postgres (45), test (42)
π Passwords used:
1 (1,417), 123456 (282), 123 (174), abc123 (54), (empty) (50), admin (48)
π https://moltenbit.net
#cybersecurity #honeypot #infosec #security
honeypot 24h most tested usernames
Geolocation case solved on the @Bellingcat Discord π΅οΈββοΈπ
A video claimed to show wind turbines arriving in La Guajira, Colombia β but it was actually filmed in Oklahoma, USA.
The fact-check is now live on Colombiacheck:
π https://colombiacheck.com/chequeos/este-video-de-agradecimiento-petro-por-llegada-de-turbinas-eolicas-la-guajira-no-es-en
Blog post about it by me:
π
https://moltenbit.net/posts/combating-misinformation-through-geolocation/
Funnull enabled large-scale crypto scams by leasing IP space + hosting 332K+ fast-flux domains across AWS, Azure, and others. FBI calls this βinfrastructure laundering.β. IOCs can be found here: https://www.ic3.gov/CSA/2025/250529.pdf via @briankrebs https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/
#infosec #cybersecurity #cybercrime
Interesting that #CrowdStrike Falcon doesn't detect the EICAR test file on VirusTotal.
#microsoft #outlook still using #windows xp style recycle bin icon when deleting mails seems wild to me
New blog post:
Send out custom e-mail notifications to admins when new devices join Intune!
https://moltenbit.net/posts/custom-admin-notifications-for-new-intune-enrollments/
Couple days ago I published my walkthrough for #OSINT exercise 005 by
@gralhix . Great challenges, looking forward to the others.
https://moltenbit.net/posts/gralhix-osint-exercise-005-walkthrough/
New, from me:
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace.
According to Google, the botnet that hit my site - at a rate of 585 million packets per second -- is an IoT botnet known as Aisuru, and it is the same one that hit Cloudflare with a remarkably similar attack last month. I interviewed the self-professed creator of Aisuru, a 21 y/o Brazilian who goes by the handle "Forky." Forky denied being involved in an attack on my site, but he also lied in almost everything else he told me.
There's a lot more to this story, including some eerie parallels between Aisuru's rise and that of the Mirai IoT botnet, which became so powerful because it effectively out-competed every other DDoS botnet in existence, giving them enormous firepower. Ironically, this same concentration of power happens each time the FBI conducts another one of its mass takedowns of DDoS-for-hire services. The ones that don't get taken down benefit enormously.
https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
#CVE-2025-30386 released today by #Microsoft sounds worrying:
βIn the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link.β - leading to RCE.
honeypot 24h most tested passwords
honeypot 24h most tested usernames
honeypot 24h attack map
honeypot attack map, last 24h
It is 7 AM and you're (loudly) discussing a merger at a table in the middle of a hotel restaurant.
Bold strategy Cotton.
interesting read from the japanese CERT about windows eventIDs generated by human-operated ransomware
@chrismeller thank you, that means a lot!
all time #honeypot attack map
what's your favorite #linux distro?
