2025-05-03 RDP #Honeypot IOCs - 6459 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
209.97.169.106 - 3714
45.117.177.2 - 1971
161.35.201.228 - 249

Top ASNs:
AS14061 - 3972
AS131353 - 1971
AS215311 - 84

Top Accounts:
hello - 6222
142.93.8.59 - 144
Test - 36

Top ISPs:
DigitalOcean, LLC - 3972
NHANHOA - 1971
Regxa Company for Information Technology Ltd - 84

Top Clients:
Unknown - 6459

Top Software:
Unknown - 6459

Top Keyboards:
Unknown - 6459

Top IP Classification:
hosting - 5796
Unknown - 372
hosting & proxy - 255

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/442SbD6t

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-03 RDP #Honeypot IOCs - 4306 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
209.97.169.106 - 2476
45.117.177.2 - 1314
161.35.201.228 - 166

Top ASNs:
AS14061 - 2648
AS131353 - 1314
AS215311 - 56

Top Accounts:
hello - 4148
142.93.8.59 - 96
Test - 24

Top ISPs:
DigitalOcean, LLC - 2648
NHANHOA - 1314
Regxa Company for Information Technology Ltd - 56

Top Clients:
Unknown - 4306

Top Software:
Unknown - 4306

Top Keyboards:
Unknown - 4306

Top IP Classification:
hosting - 3864
Unknown - 248
hosting & proxy - 170

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/3zK4z1Gq

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-03 RDP #Honeypot IOCs - 2153 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
209.97.169.106 - 1238
45.117.177.2 - 657
161.35.201.228 - 83

Top ASNs:
AS14061 - 1324
AS131353 - 657
AS215311 - 28

Top Accounts:
hello - 2074
142.93.8.59 - 48
Test - 12

Top ISPs:
DigitalOcean, LLC - 1324
NHANHOA - 657
Regxa Company for Information Technology Ltd - 28

Top Clients:
Unknown - 2153

Top Software:
Unknown - 2153

Top Keyboards:
Unknown - 2153

Top IP Classification:
hosting - 1932
Unknown - 124
hosting & proxy - 85

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/JpqwVMfs

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-02 RDP #Honeypot IOCs - 4179 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 2451
152.42.203.145 - 930
161.35.201.228 - 357

Top ASNs:
AS131353 - 2451
AS14061 - 1308
AS142002 - 93

Top Accounts:
hello - 3948
142.93.8.59 - 135
Administr - 21

Top ISPs:
NHANHOA - 2451
DigitalOcean, LLC - 1308
Scloud Pte Ltd - 93

Top Clients:
Unknown - 4179

Top Software:
Unknown - 4179

Top Keyboards:
Unknown - 4179

Top IP Classification:
hosting - 3477
hosting & proxy - 369
Unknown - 309

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/RZQrKvgE

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-02 RDP #Honeypot IOCs - 2786 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 1634
152.42.203.145 - 620
161.35.201.228 - 238

Top ASNs:
AS131353 - 1634
AS14061 - 872
AS142002 - 62

Top Accounts:
hello - 2632
142.93.8.59 - 90
Administr - 14

Top ISPs:
NHANHOA - 1634
DigitalOcean, LLC - 872
Scloud Pte Ltd - 62

Top Clients:
Unknown - 2786

Top Software:
Unknown - 2786

Top Keyboards:
Unknown - 2786

Top IP Classification:
hosting - 2318
hosting & proxy - 246
Unknown - 206

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/2CuNjFEi

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-02 RDP #Honeypot IOCs - 1393 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 817
152.42.203.145 - 310
161.35.201.228 - 119

Top ASNs:
AS131353 - 817
AS14061 - 436
AS142002 - 31

Top Accounts:
hello - 1316
142.93.8.59 - 45
Administr - 7

Top ISPs:
NHANHOA - 817
DigitalOcean, LLC - 436
Scloud Pte Ltd - 31

Top Clients:
Unknown - 1393

Top Software:
Unknown - 1393

Top Keyboards:
Unknown - 1393

Top IP Classification:
hosting - 1159
hosting & proxy - 123
Unknown - 103

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/HW5A5iJQ

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-01 RDP #Honeypot IOCs - 3009 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 2475
147.182.237.225 - 195
111.89.163.100 - 42

Top ASNs:
AS131353 - 2475
AS14061 - 213
AS2514 - 42

Top Accounts:
hello - 2754
142.93.8.59 - 132
Test - 30

Top ISPs:
NHANHOA - 2475
DigitalOcean, LLC - 213
NTT PC Communications, Inc. - 42

Top Clients:
Unknown - 3009

Top Software:
Unknown - 3009

Top Keyboards:
Unknown - 3009

Top IP Classification:
hosting - 2745
Unknown - 240
proxy - 21

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/yhnr6DQX

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-01 RDP #Honeypot IOCs - 2006 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 1650
147.182.237.225 - 130
111.89.163.100 - 28

Top ASNs:
AS131353 - 1650
AS14061 - 142
AS2514 - 28

Top Accounts:
hello - 1836
142.93.8.59 - 88
Test - 20

Top ISPs:
NHANHOA - 1650
DigitalOcean, LLC - 142
NTT PC Communications, Inc. - 28

Top Clients:
Unknown - 2006

Top Software:
Unknown - 2006

Top Keyboards:
Unknown - 2006

Top IP Classification:
hosting - 1830
Unknown - 160
proxy - 14

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/6CMRRrmz

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-01 RDP #Honeypot IOCs - 1003 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
45.117.177.2 - 825
147.182.237.225 - 65
111.89.163.100 - 14

Top ASNs:
AS131353 - 825
AS14061 - 71
AS2514 - 14

Top Accounts:
hello - 918
142.93.8.59 - 44
Test - 10

Top ISPs:
NHANHOA - 825
DigitalOcean, LLC - 71
NTT PC Communications, Inc. - 14

Top Clients:
Unknown - 1003

Top Software:
Unknown - 1003

Top Keyboards:
Unknown - 1003

Top IP Classification:
hosting - 915
Unknown - 80
proxy - 7

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/JNAr8nWw

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-30 RDP #Honeypot IOCs - 4104 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
159.89.6.147 - 2025
45.117.177.2 - 1488
54.204.98.247 - 204

Top ASNs:
AS14061 - 2025
AS131353 - 1488
AS14618 - 204

Top Accounts:
hello - 3798
142.93.8.59 - 162
Test - 30

Top ISPs:
DigitalOcean, LLC - 2025
NHANHOA - 1488
Amazon.com, Inc. - 204

Top Clients:
Unknown - 4104

Top Software:
Unknown - 4104

Top Keyboards:
Unknown - 4104

Top IP Classification:
hosting - 3804
Unknown - 270
proxy - 21

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/k6Ap3K3h

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-30 RDP #Honeypot IOCs - 2736 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
159.89.6.147 - 1350
45.117.177.2 - 992
54.204.98.247 - 136

Top ASNs:
AS14061 - 1350
AS131353 - 992
AS14618 - 136

Top Accounts:
hello - 2532
142.93.8.59 - 108
Test - 20

Top ISPs:
DigitalOcean, LLC - 1350
NHANHOA - 992
Amazon.com, Inc. - 136

Top Clients:
Unknown - 2736

Top Software:
Unknown - 2736

Top Keyboards:
Unknown - 2736

Top IP Classification:
hosting - 2536
Unknown - 180
proxy - 14

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/csNe1Z9i

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-30 RDP #Honeypot IOCs - 1368 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
159.89.6.147 - 675
45.117.177.2 - 496
54.204.98.247 - 68

Top ASNs:
AS14061 - 675
AS131353 - 496
AS14618 - 68

Top Accounts:
hello - 1266
142.93.8.59 - 54
Test - 10

Top ISPs:
DigitalOcean, LLC - 675
NHANHOA - 496
Amazon.com, Inc. - 68

Top Clients:
Unknown - 1368

Top Software:
Unknown - 1368

Top Keyboards:
Unknown - 1368

Top IP Classification:
hosting - 1268
Unknown - 90
proxy - 7

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/GbgSEW66

#CyberSec #SOC #Blueteam #SecOps #Security

Human error fuels 95% of breaches due to overwhelmed IT teams. AI steps in not to replace, but to assist – automating tasks, prioritizing threats & offering expert insights. Elastic's tools help smooth the migration to AI security. #CyberSecurity #AI #SecOps

2025-04-28 RDP #Honeypot IOCs - 18519 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 13674
159.89.6.147 - 3330
191.252.2.116 - 555

Top ASNs:
AS51167 - 13674
AS14061 - 3858
AS27715 - 555

Top Accounts:
hello - 18210
142.93.8.59 - 138
Domain - 57

Top ISPs:
Contabo GmbH - 13674
DigitalOcean, LLC - 3858
Locaweb Serviços de Internet S/A - 555

Top Clients:
Unknown - 18519

Top Software:
Unknown - 18519

Top Keyboards:
Unknown - 18519

Top IP Classification:
hosting - 18219
Unknown - 285
mobile & hosting - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/6nbF3YHg

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-28 RDP #Honeypot IOCs - 18518 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 13673
159.89.6.147 - 3330
191.252.2.116 - 555

Top ASNs:
AS51167 - 13673
AS14061 - 3858
AS27715 - 555

Top Accounts:
hello - 18209
142.93.8.59 - 138
Domain - 57

Top ISPs:
Contabo GmbH - 13673
DigitalOcean, LLC - 3858
Locaweb Serviços de Internet S/A - 555

Top Clients:
Unknown - 18518

Top Software:
Unknown - 18518

Top Keyboards:
Unknown - 18518

Top IP Classification:
hosting - 18218
Unknown - 285
mobile & hosting - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/pjhH7Mwz

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-28 RDP #Honeypot IOCs - 18517 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 13672
159.89.6.147 - 3330
191.252.2.116 - 555

Top ASNs:
AS51167 - 13672
AS14061 - 3858
AS27715 - 555

Top Accounts:
hello - 18208
142.93.8.59 - 138
Domain - 57

Top ISPs:
Contabo GmbH - 13672
DigitalOcean, LLC - 3858
Locaweb Serviços de Internet S/A - 555

Top Clients:
Unknown - 18517

Top Software:
Unknown - 18517

Top Keyboards:
Unknown - 18517

Top IP Classification:
hosting - 18217
Unknown - 285
mobile & hosting - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/9443QxE0

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-28 RDP #Honeypot IOCs - 18516 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 13671
159.89.6.147 - 3330
191.252.2.116 - 555

Top ASNs:
AS51167 - 13671
AS14061 - 3858
AS27715 - 555

Top Accounts:
hello - 18207
142.93.8.59 - 138
Domain - 57

Top ISPs:
Contabo GmbH - 13671
DigitalOcean, LLC - 3858
Locaweb Serviços de Internet S/A - 555

Top Clients:
Unknown - 18516

Top Software:
Unknown - 18516

Top Keyboards:
Unknown - 18516

Top IP Classification:
hosting - 18216
Unknown - 285
mobile & hosting - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/4ktQk2gT

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-28 RDP #Honeypot IOCs - 12344 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 9114
159.89.6.147 - 2220
191.252.2.116 - 370

Top ASNs:
AS51167 - 9114
AS14061 - 2572
AS27715 - 370

Top Accounts:
hello - 12138
142.93.8.59 - 92
Domain - 38

Top ISPs:
Contabo GmbH - 9114
DigitalOcean, LLC - 2572
Locaweb Serviços de Internet S/A - 370

Top Clients:
Unknown - 12344

Top Software:
Unknown - 12344

Top Keyboards:
Unknown - 12344

Top IP Classification:
hosting - 12144
Unknown - 190
mobile & hosting - 4

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/H8zgB6wM

#CyberSec #SOC #Blueteam #SecOps #Security

2025-04-28 RDP #Honeypot IOCs - 6172 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
161.97.77.37 - 4557
159.89.6.147 - 1110
191.252.2.116 - 185

Top ASNs:
AS51167 - 4557
AS14061 - 1286
AS27715 - 185

Top Accounts:
hello - 6069
142.93.8.59 - 46
Domain - 19

Top ISPs:
Contabo GmbH - 4557
DigitalOcean, LLC - 1286
Locaweb Serviços de Internet S/A - 185

Top Clients:
Unknown - 6172

Top Software:
Unknown - 6172

Top Keyboards:
Unknown - 6172

Top IP Classification:
hosting - 6072
Unknown - 95
mobile & hosting - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/GrXMV6wW

#CyberSec #SOC #Blueteam #SecOps #Security

🛡️ Introducing the Defenders Tour — our hands-on SecOps workshop series is hitting the road.

We’re teaming up with our friends at Sublime Security, Tines, and SOCRadar to bring real-world tactics and automation strategies to a city near you.

Build a unified security operations stack that:

> Creates a scalable foundation with LimaCharlie’s SecOps Platform to consolidate your stack and investigate threats at scale

> Enhances email protection using Sublime Security’s behavioral analysis to detect advanced phishing

> Reduces analyst fatigue through Tines’ no-code automation to minimize MTTR

> Strengthens defenses with SOCRadar’s contextual threat intelligence

Walk away with implementation blueprints and automation playbooks you can plug into your SOC right away.

Join us for a free workshop that rocks the foundations of modern security operations.

Seats are extremely limited, register now: https://lu.ma/defenders-tour?utm_source=limacharlie

#defenderstour #cybersecurity #secops