And as the final presenter before lunch on day 3, @Jacob is now on stage talking about protecting against #AiTM attacks at scale with #canarytokens - at @hack_lu !!

#hacklu2024

Brittiska cybersäkerhetscentret NCSC satsar på bl.a. honeypots i en ny stor satsning. Läs mer på bloggen: https://kryptera.se/storbritannien-satsar-pa-honeypots/

#CyberSecurity #NCSC #Honeypots #Honeytokens #Breadcrumbs #CloudSecurity #CyberDefense #ThreatDetection #UKCyberSecurity #IPv4 #IPv6 #Infosec #CyberAwareness #SecurityTokens #NationalSecurity #CyberStrategy #DigitalDefense #Cybersäkerhet #CyberThreats #CanaryTokens #itsakerhet

"Defending against the Attack of the Clone[d website]s!"

https://blog.thinkst.com/2024/01/defending-against-the-attack-of-the-cloned-websites.html

#security #websites #webdev #canarytokens

Can somebody point out what I am obviously missing?
In this guide on #canarytokens

https://docs.canarytokens.org/guide/dns-token.html#encoding-additional-information-in-your-token
it is explained howto make a dns token. Fine, I get how a resolution of a dns something produces a warning.

But then they state: leave in_bash-history or ssh/config or servers.txt

But how do you adding such a token in your bash history lead to a tripwire?
Should you than add something like
ssh root@tokenurl or something?

and than hope the hacker tries this? Or what would you do?
#blueteam
#infosec

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. - In large metropolitan areas, tourists are often easy to spot because they’re far m... https://krebsonsecurity.com/2023/08/tourists-give-themselves-away-by-looking-up-so-do-most-network-intruders/ #thecomingstorm #securitytools #canarytokens #hazelburton #shubhamshah #ransomware #ciscotalos #haroonmeer #assetnote #thinkst

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

https://krebsonsecurity.com/2023/08/tourists-give-themselves-away-by-looking-up-so-do-most-network-intruders/

#TheComingStorm #SecurityTools #CanaryTokens #HazelBurton #ShubhamShah #Ransomware #CiscoTalos #HaroonMeer #Assetnote #Thinkst

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. https://krebsonsecurity.com/2023/08/tourists-give-themselves-away-by-looking-up-so-do-most-network-intruders/ #TheComingStorm #SecurityTools #CanaryTokens #HazelBurton #ShubhamShah #Ransomware #CiscoTalos #HaroonMeer #Assetnote #Thinkst

Day 19 of #100daysofhomelab and not done a lot today, so its mostly links…

• New Lenovo ThinkSystem V3 Servers with 4th Gen Intel Xeon Scalable Launched (servethehome.com)
• New Dell PowerEdge Servers with 4th Gen Intel Xeon Scalable Sapphire Rapids Launched (servethehome.com)
• MikroTik CRS504-4XQ-IN Review Momentus 4x 100GbE and 25GbE Desktop Switch (servethehome.com)
• git-sim: Visually simulate Git operations in your own repos (initialcommit.com)
• The 88×31 GIF Collection | Part 1 (dabamos.de) looking though these makes me feel old…
• Swipe right on our new credit card tokens! – Thinkst Thoughts
• Canarytokens

---

This site is hosted on my own ASN on AS204994. More details about that over there. I also use Vultr for transit services and HostUs for LIR Services. Check them out. You can also check some of the gear I use on a daily basis over on kit.co/tiernano.

#100daysofhomelab #canarytokens #dell #homelab #lenovo #mikrotik #xeon-4th-gen

https://www.tiernanotoole.ie/2023/01/22/day-19-of-100daysofhomelab.html

Looking for an DBMS-way to implement #canarytokens with a #MongoDB that sends a pingback if a certain row is queried. Research...
https://canarytokens.org/generate

Today is a good day to add canary tokens to your infrastructure!



Did you know you can get free #CanaryTokens from @ThinkstCanary to alert on suspicious activity?

On https://canarytokens.org/generate, you can generate a whole range of “canaries”, or assets that look like one thing but will actually email you as soon as someone or something interacts with them.



A canary can be a pdf file called “password.pdf”, left on server, a computer or attached to an email. 



A canary can be AWS keys, left in a config file or committed in a private git repo.

A canary can listen for SQL commands or command being run.

A canary can be an email address, included in customer or employee lists.

They are traps you place, so you know something’s been compromised and your team can start investigating immediately *.

Check out the documentation for more examples and use cases: https://docs.canarytokens.org/guide/

Set up your free #HoneyPots this month! #NewYearResolutions



* These are free so there are some limitations, but still super neat to have.

Now is a good time for you to drop couple of #AWS #canarytokens in your #slack chats. You might get lucky...
#detectionengineering #spotthebirdie

Kanarek rozdaje tokeny, czyli jak używać Canarytokens ( https://nfsec.pl/security/5883 ) #canarytokens #honeytokens #honeypot #ids #url #file #twittermigration

#BlueTeamtoot of the day: Search for AKIA*, ASIA* and ABIA* in your slack/teams/jira/confluence etc, you might be surprised. #Redteams do the same, you might get lucky 😅
#DetectionEngineering teams drop some #AWS API key #CanaryTokens in your chatops tooling, when it triggers an alert you know you have a problem

Intrusion Alert: Michael Hill explains how GitGuardian's #OpenSource canary tokens can help detect compromised DevOps environments https://www.fosslife.org/open-source-canary-tokens-help-detect-software-breaches #ggcanary #GitHub #GitGuardian #CanaryTokens #AWS #DevOps #security

Detect Vulnerable Log4J Websites with CanaryTokens

On this episode of HakByte, Alex Lynd demonstrates how to test if web applications are vulnerable to the Log4Shell exploit, using CanaryTokens.

#HakByte #Log4J #Log4Shell #CanaryTokens

https://www.youtube.com/watch?v=qjA_vc9Ua5A