🚨 Want real-time cybersecurity alerts on your phone?
We built a free Telegram channel that delivers:
🔴 Critical CVE advisories (CVSS 7.0+)
🟠 Data breach reports as they drop
🌐 Dark web leak intelligence
📰 Correlated threat news from 10+ feeds
Fully automated. No ads. No paywalls. Just signal.
⚡ Join → https://t.me/yazoul
#cybersecurity #infosec #cve #databreach #threatintel #darkweb #security #hacking #blueteam #dfir #soc
🚨 Want real-time cybersecurity alerts on your phone?
We built a free Telegram channel that delivers:
🔴 Critical CVE advisories (CVSS 7.0+)
🟠 Data breach reports as they drop
🌐 Dark web leak intelligence
📰 Correlated threat news from 10+ feeds
Fully automated. No ads. No paywalls. Just signal.
⚡ Join → https://t.me/yazoul
#cybersecurity #infosec #cve #databreach #threatintel #darkweb #security #hacking #blueteam #dfir #soc
2026-03-10 RDP #Honeypot IOCs - 198 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
39.96.172.69 - 60
170.64.228.22 - 30
80.94.95.221 - 21
Top ASNs:
AS37963 - 60
AS396982 - 36
AS14061 - 30
Top Accounts:
hello - 114
Administr - 24
Test - 15
Top ISPs:
Hangzhou Alibaba Advertising Co - 60
Google LLC - 36
DigitalOcean, LLC - 30
Top Clients:
Unknown - 198
Top Software:
Unknown - 198
Top Keyboards:
Unknown - 198
Top IP Classification:
hosting - 153
Unknown - 45
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-10 RDP #Honeypot IOCs - 132 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
39.96.172.69 - 40
170.64.228.22 - 20
80.94.95.221 - 14
Top ASNs:
AS37963 - 40
AS396982 - 24
AS14061 - 20
Top Accounts:
hello - 76
Administr - 16
Test - 10
Top ISPs:
Hangzhou Alibaba Advertising Co - 40
Google LLC - 24
DigitalOcean, LLC - 20
Top Clients:
Unknown - 132
Top Software:
Unknown - 132
Top Keyboards:
Unknown - 132
Top IP Classification:
hosting - 102
Unknown - 30
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-10 RDP #Honeypot IOCs - 66 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
39.96.172.69 - 20
170.64.228.22 - 10
80.94.95.221 - 7
Top ASNs:
AS37963 - 20
AS396982 - 12
AS14061 - 10
Top Accounts:
hello - 38
Administr - 8
Test - 5
Top ISPs:
Hangzhou Alibaba Advertising Co - 20
Google LLC - 12
DigitalOcean, LLC - 10
Top Clients:
Unknown - 66
Top Software:
Unknown - 66
Top Keyboards:
Unknown - 66
Top IP Classification:
hosting - 51
Unknown - 15
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
Trying to land your first #SOCAnalyst role? This roadmap breaks down what to learn, which tools to practise (SIEM, EDR, Wireshark), and a 90‑day plan that produces portfolio-ready case notes and detections.
Read the full guide → https://codelabsacademy.com/en/blog/soc-analyst-roadmap-90-day-practice-plan?source=mastodon
For career changers in #Cybersecurity and #BlueTeam, with practical #InfoSec #Upskilling
2026-03-09 RDP #Honeypot IOCs - 159 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
143.198.30.243 - 45
80.94.95.221 - 18
111.170.152.113 - 15
Top ASNs:
AS14061 - 45
AS396982 - 36
AS204428 - 18
Top Accounts:
hello - 63
Administr - 30
Test - 24
Top ISPs:
DigitalOcean, LLC - 45
Google LLC - 36
SS-Net - 18
Top Clients:
Unknown - 159
Top Software:
Unknown - 159
Top Keyboards:
Unknown - 159
Top IP Classification:
hosting - 87
Unknown - 66
mobile - 3
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-09 RDP #Honeypot IOCs - 106 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
143.198.30.243 - 30
80.94.95.221 - 12
111.170.152.113 - 10
Top ASNs:
AS14061 - 30
AS396982 - 24
AS204428 - 12
Top Accounts:
hello - 42
Administr - 20
Test - 16
Top ISPs:
DigitalOcean, LLC - 30
Google LLC - 24
SS-Net - 12
Top Clients:
Unknown - 106
Top Software:
Unknown - 106
Top Keyboards:
Unknown - 106
Top IP Classification:
hosting - 58
Unknown - 44
mobile - 2
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-09 RDP #Honeypot IOCs - 53 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
143.198.30.243 - 15
80.94.95.221 - 6
111.170.152.113 - 5
Top ASNs:
AS14061 - 15
AS396982 - 12
AS204428 - 6
Top Accounts:
hello - 21
Administr - 10
Test - 8
Top ISPs:
DigitalOcean, LLC - 15
Google LLC - 12
SS-Net - 6
Top Clients:
Unknown - 53
Top Software:
Unknown - 53
Top Keyboards:
Unknown - 53
Top IP Classification:
hosting - 29
Unknown - 22
mobile - 1
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-08 RDP #Honeypot IOCs - 207 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 93
194.165.16.165 - 12
66.175.211.81 - 12
Top ASNs:
AS204428 - 93
AS396982 - 36
AS48721 - 12
Top Accounts:
Administr - 99
Domain - 27
Test - 18
Top ISPs:
SS-Net - 93
Google LLC - 36
Flyservers S.A. - 12
Top Clients:
Unknown - 207
Top Software:
Unknown - 207
Top Keyboards:
Unknown - 207
Top IP Classification:
Unknown - 138
hosting - 60
proxy - 9
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-08 RDP #Honeypot IOCs - 138 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 62
194.165.16.165 - 8
66.175.211.81 - 8
Top ASNs:
AS204428 - 62
AS396982 - 24
AS48721 - 8
Top Accounts:
Administr - 66
Domain - 18
Test - 12
Top ISPs:
SS-Net - 62
Google LLC - 24
Flyservers S.A. - 8
Top Clients:
Unknown - 138
Top Software:
Unknown - 138
Top Keyboards:
Unknown - 138
Top IP Classification:
Unknown - 92
hosting - 40
proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-08 RDP #Honeypot IOCs - 69 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 31
194.165.16.165 - 4
66.175.211.81 - 4
Top ASNs:
AS204428 - 31
AS396982 - 12
AS48721 - 4
Top Accounts:
Administr - 33
Domain - 9
Test - 6
Top ISPs:
SS-Net - 31
Google LLC - 12
Flyservers S.A. - 4
Top Clients:
Unknown - 69
Top Software:
Unknown - 69
Top Keyboards:
Unknown - 69
Top IP Classification:
Unknown - 46
hosting - 20
proxy - 3
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-07 RDP #Honeypot IOCs - 318 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
52.159.76.8 - 177
143.198.30.243 - 42
80.94.95.221 - 18
Top ASNs:
AS8075 - 177
AS14061 - 42
AS396982 - 36
Top Accounts:
hello - 228
Administr - 33
Test - 12
Top ISPs:
Microsoft Corporation - 177
DigitalOcean, LLC - 42
Google LLC - 36
Top Clients:
Unknown - 318
Top Software:
Unknown - 318
Top Keyboards:
Unknown - 318
Top IP Classification:
hosting - 258
Unknown - 48
proxy - 12
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-07 RDP #Honeypot IOCs - 212 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
52.159.76.8 - 118
143.198.30.243 - 28
80.94.95.221 - 12
Top ASNs:
AS8075 - 118
AS14061 - 28
AS396982 - 24
Top Accounts:
hello - 152
Administr - 22
Test - 8
Top ISPs:
Microsoft Corporation - 118
DigitalOcean, LLC - 28
Google LLC - 24
Top Clients:
Unknown - 212
Top Software:
Unknown - 212
Top Keyboards:
Unknown - 212
Top IP Classification:
hosting - 172
Unknown - 32
proxy - 8
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-07 RDP #Honeypot IOCs - 106 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
52.159.76.8 - 59
143.198.30.243 - 14
80.94.95.221 - 6
Top ASNs:
AS8075 - 59
AS14061 - 14
AS396982 - 12
Top Accounts:
hello - 76
Administr - 11
Test - 4
Top ISPs:
Microsoft Corporation - 59
DigitalOcean, LLC - 14
Google LLC - 12
Top Clients:
Unknown - 106
Top Software:
Unknown - 106
Top Keyboards:
Unknown - 106
Top IP Classification:
hosting - 86
Unknown - 16
proxy - 4
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
Microsoft warned about OAuth redirect abuse on March 2, 2026. This isn't credential theft or classic token theft by itself. It weaponizes Entra ID error handling.
An attacker registers an OAuth app with a malicious redirect URI, sends a crafted login.microsoftonline.com link designed to fail, and Entra ID's 302 redirect lands the victim on a phishing page or malware dropper. The sign-in fails and the attacker still wins.
I built a detection and hardening kit you can deploy to an existing Sentinel workspace:
• 4 analytics rules: consent after risky sign-in, suspicious redirect URIs, OAuth error clustering, bulk consent
• 5 hunting queries: permissions baseline, non-corporate IP auth, high-privilege apps, URI inventory, token replay
• 1 workbook: OAuth Security Dashboard
Entra hardening: verified-publisher consent restriction, MFA policy for risky OAuth sign-ins
• OAuth app audit: flags suspicious redirect URIs and overprivileged permissions across app registrations
Blog post: https://nineliveszerotrust.com/blog/oauth-redirect-abuse-sentinel/
Companion lab on GitHub: https://github.com/j-dahl7/oauth-redirect-abuse-sentinel
#MicrosoftSentinel #EntraID #DetectionEngineering #OAuth #IdentitySecurity #BlueTeam
If the Kardashians launched their own framework it would be Kommand and Kontrol (K2).
The Momager (Kris.exe or Kris.sh): The primary C2 listener.
The Glow Up: Privesc
Keeping Up: Lateral movement
#C2Framework #RedTeaming #PostExploitation #MalwareDevelopment #Infosec #CyberSecurity #EDRBypass #ActiveDirectory #PenTesting #ThreatHunting #MITREATTACK #APTHunting #Shellcode #ZeroDay #Persistence #Exfiltration #BlueTeam #PurpleTeaming #kardashians
2026-03-06 RDP #Honeypot IOCs - 204 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
71.6.134.235 - 30
42.193.196.87 - 21
2.57.121.22 - 15
Top ASNs:
AS396982 - 48
AS10439 - 30
AS45090 - 21
Top Accounts:
hello - 45
Administr - 36
Test - 27
Top ISPs:
Google LLC - 48
CariNet, Inc. - 30
China Internet Network Information Center - 21
Top Clients:
Unknown - 204
Top Software:
Unknown - 204
Top Keyboards:
Unknown - 204
Top IP Classification:
Unknown - 99
hosting - 69
hosting & proxy - 30
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-06 RDP #Honeypot IOCs - 136 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
71.6.134.235 - 20
42.193.196.87 - 14
2.57.121.22 - 10
Top ASNs:
AS396982 - 32
AS10439 - 20
AS45090 - 14
Top Accounts:
hello - 30
Administr - 24
Test - 18
Top ISPs:
Google LLC - 32
CariNet, Inc. - 20
China Internet Network Information Center - 14
Top Clients:
Unknown - 136
Top Software:
Unknown - 136
Top Keyboards:
Unknown - 136
Top IP Classification:
Unknown - 66
hosting - 46
hosting & proxy - 20
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
2026-03-06 RDP #Honeypot IOCs - 68 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
71.6.134.235 - 10
42.193.196.87 - 7
2.57.121.22 - 5
Top ASNs:
AS396982 - 16
AS10439 - 10
AS45090 - 7
Top Accounts:
hello - 15
Administr - 12
Test - 9
Top ISPs:
Google LLC - 16
CariNet, Inc. - 10
China Internet Network Information Center - 7
Top Clients:
Unknown - 68
Top Software:
Unknown - 68
Top Keyboards:
Unknown - 68
Top IP Classification:
Unknown - 33
hosting - 23
hosting & proxy - 10
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
