#blueteam

2025-05-20

2025-05-19 RDP #Honeypot IOCs - 9045 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 3156
146.190.89.207 - 2322
143.198.221.164 - 741

Top ASNs:
AS14061 - 8670
AS11427 - 186
AS14315 - 39

Top Accounts:
hello - 8925
142.93.8.59 - 33
Test - 18

Top ISPs:
DigitalOcean, LLC - 8670
Charter Communications Inc - 186
Internet Utilities NA LLC - 39

Top Clients:
Unknown - 9045

Top Software:
Unknown - 9045

Top Keyboards:
Unknown - 9045

Top IP Classification:
hosting - 8754
Unknown - 282
hosting & proxy - 9

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/8biiQF0w

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-20

2025-05-19 RDP #Honeypot IOCs - 6030 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 2104
146.190.89.207 - 1548
143.198.221.164 - 494

Top ASNs:
AS14061 - 5780
AS11427 - 124
AS14315 - 26

Top Accounts:
hello - 5950
142.93.8.59 - 22
Test - 12

Top ISPs:
DigitalOcean, LLC - 5780
Charter Communications Inc - 124
Internet Utilities NA LLC - 26

Top Clients:
Unknown - 6030

Top Software:
Unknown - 6030

Top Keyboards:
Unknown - 6030

Top IP Classification:
hosting - 5836
Unknown - 188
hosting & proxy - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/1HSUpZNe

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-20

2025-05-19 RDP #Honeypot IOCs - 3015 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 1052
146.190.89.207 - 774
143.198.221.164 - 247

Top ASNs:
AS14061 - 2890
AS11427 - 62
AS14315 - 13

Top Accounts:
hello - 2975
142.93.8.59 - 11
Test - 6

Top ISPs:
DigitalOcean, LLC - 2890
Charter Communications Inc - 62
Internet Utilities NA LLC - 13

Top Clients:
Unknown - 3015

Top Software:
Unknown - 3015

Top Keyboards:
Unknown - 3015

Top IP Classification:
hosting - 2918
Unknown - 94
hosting & proxy - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/ykVcAN8Z

#CyberSec #SOC #Blueteam #SecOps #Security

Lenin alevski 🕵️💻 alevsk@infosec.exchange
2025-05-19

New Open-Source Tool Spotlight 🚨🚨🚨

Real-time deepfake tech evolves: Deep-Live-Cam lets you swap faces and transform videos with just one image. GPU support (NVIDIA/AMD) ensures smooth performance for realistic results. Ethical use rules apply to prevent misuse. #DeepFake #AI

🔗 Project link on #GitHub 👉 github.com/hacksider/Deep-Live

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

2025-05-19

🐽 Snort Command Cheat Sheet: Understand Network Threats Like a Pro

Snort is a powerful open-source tool used for Network Intrusion Detection and Prevention (NIDS/NIPS). It's widely adopted by blue teams and security professionals to monitor, alert, and defend against malicious network activity.

🧠 Key Usage Modes (No Code Needed):

• Test Mode: Check configuration files before deployment
• Packet Sniffing Mode: Monitor live traffic and display it in real time
• Packet Logging Mode: Capture packets and store them for analysis
• IDS Mode: Analyze traffic against rule sets and raise alerts
• Silent Mode: Run in the background while logging events

🛡️ Snort is great for:
• Detecting port scans and suspicious payloads
• Monitoring traffic for policy violations
• Integrating with SIEM solutions
• Practicing blue team defensive strategies

Disclaimer: This content is intended strictly for educational and awareness purposes. Use intrusion detection systems responsibly and ethically.

#Snort #NetworkSecurity #CyberSecurity #InfoSec #BlueTeam #IDS #EducationOnly #IntrusionDetection #SOCTools #PacketAnalysis

2025-05-19

2025-05-18 RDP #Honeypot IOCs - 8001 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 3207
143.198.221.164 - 756
172.111.244.66 - 756

Top ASNs:
AS14061 - 6297
AS9009 - 756
AS27357 - 714

Top Accounts:
hello - 7884
Test - 33
eltons - 15

Top ISPs:
DigitalOcean, LLC - 6297
Secure Internet LLC - 756
Rackspace Hosting - 714

Top Clients:
Unknown - 8001

Top Software:
Unknown - 8001

Top Keyboards:
Unknown - 8001

Top IP Classification:
hosting - 7113
hosting & proxy - 765
Unknown - 120

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/eVjXCu0s

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-19

2025-05-18 RDP #Honeypot IOCs - 5334 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 2138
143.198.221.164 - 504
172.111.244.66 - 504

Top ASNs:
AS14061 - 4198
AS9009 - 504
AS27357 - 476

Top Accounts:
hello - 5256
Test - 22
eltons - 10

Top ISPs:
DigitalOcean, LLC - 4198
Secure Internet LLC - 504
Rackspace Hosting - 476

Top Clients:
Unknown - 5334

Top Software:
Unknown - 5334

Top Keyboards:
Unknown - 5334

Top IP Classification:
hosting - 4742
hosting & proxy - 510
Unknown - 80

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/mjuQMdMX

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-19

2025-05-18 RDP #Honeypot IOCs - 2667 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 1069
143.198.221.164 - 252
172.111.244.66 - 252

Top ASNs:
AS14061 - 2099
AS9009 - 252
AS27357 - 238

Top Accounts:
hello - 2628
Test - 11
eltons - 5

Top ISPs:
DigitalOcean, LLC - 2099
Secure Internet LLC - 252
Rackspace Hosting - 238

Top Clients:
Unknown - 2667

Top Software:
Unknown - 2667

Top Keyboards:
Unknown - 2667

Top IP Classification:
hosting - 2371
hosting & proxy - 255
Unknown - 40

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/urT9AKa5

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-18

2025-05-17 RDP #Honeypot IOCs - 4026 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 3219
172.111.244.66 - 120
104.130.13.117 - 102

Top ASNs:
AS14061 - 3606
AS9009 - 120
AS27357 - 102

Top Accounts:
hello - 3906
Test - 24
Administr - 21

Top ISPs:
DigitalOcean, LLC - 3606
Secure Internet LLC - 120
Rackspace Hosting - 102

Top Clients:
Unknown - 4026

Top Software:
Unknown - 4026

Top Keyboards:
Unknown - 4026

Top IP Classification:
hosting - 3846
hosting & proxy - 120
Unknown - 60

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/bTKVKPv4

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-18

2025-05-17 RDP #Honeypot IOCs - 2684 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 2146
172.111.244.66 - 80
104.130.13.117 - 68

Top ASNs:
AS14061 - 2404
AS9009 - 80
AS27357 - 68

Top Accounts:
hello - 2604
Test - 16
Administr - 14

Top ISPs:
DigitalOcean, LLC - 2404
Secure Internet LLC - 80
Rackspace Hosting - 68

Top Clients:
Unknown - 2684

Top Software:
Unknown - 2684

Top Keyboards:
Unknown - 2684

Top IP Classification:
hosting - 2564
hosting & proxy - 80
Unknown - 40

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/q4ZnYY4f

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-18

2025-05-17 RDP #Honeypot IOCs - 1342 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 1073
172.111.244.66 - 40
104.130.13.117 - 34

Top ASNs:
AS14061 - 1202
AS9009 - 40
AS27357 - 34

Top Accounts:
hello - 1302
Test - 8
Administr - 7

Top ISPs:
DigitalOcean, LLC - 1202
Secure Internet LLC - 40
Rackspace Hosting - 34

Top Clients:
Unknown - 1342

Top Software:
Unknown - 1342

Top Keyboards:
Unknown - 1342

Top IP Classification:
hosting - 1282
hosting & proxy - 40
Unknown - 20

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/UtDNnk9R

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-17

2025-05-16 RDP #Honeypot IOCs - 4293 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 3249
128.199.166.57 - 726
216.122.187.31 - 132

Top ASNs:
AS14061 - 3987
AS14315 - 132
AS210848 - 48

Top Accounts:
hello - 4128
Administr - 48
Test - 33

Top ISPs:
DigitalOcean, LLC - 3987
Internet Utilities NA LLC - 132
Google LLC - 36

Top Clients:
Unknown - 4293

Top Software:
Unknown - 4293

Top Keyboards:
Unknown - 4293

Top IP Classification:
hosting - 4176
Unknown - 111
proxy - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/8atCMrek

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-17

2025-05-16 RDP #Honeypot IOCs - 2862 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 2166
128.199.166.57 - 484
216.122.187.31 - 88

Top ASNs:
AS14061 - 2658
AS14315 - 88
AS210848 - 32

Top Accounts:
hello - 2752
Administr - 32
Test - 22

Top ISPs:
DigitalOcean, LLC - 2658
Internet Utilities NA LLC - 88
Google LLC - 24

Top Clients:
Unknown - 2862

Top Software:
Unknown - 2862

Top Keyboards:
Unknown - 2862

Top IP Classification:
hosting - 2784
Unknown - 74
proxy - 4

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/FeRJWG6a

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-17

2025-05-16 RDP #Honeypot IOCs - 1431 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
128.199.168.88 - 1083
128.199.166.57 - 242
216.122.187.31 - 44

Top ASNs:
AS14061 - 1329
AS14315 - 44
AS210848 - 16

Top Accounts:
hello - 1376
Administr - 16
Test - 11

Top ISPs:
DigitalOcean, LLC - 1329
Internet Utilities NA LLC - 44
Google LLC - 12

Top Clients:
Unknown - 1431

Top Software:
Unknown - 1431

Top Keyboards:
Unknown - 1431

Top IP Classification:
hosting - 1392
Unknown - 37
proxy - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/3N3axpgy

#CyberSec #SOC #Blueteam #SecOps #Security

Lenin alevski 🕵️💻 alevsk@infosec.exchange
2025-05-16

New Open-Source Tool Spotlight 🚨🚨🚨

pwncat is more than a basic reverse shell handler—it's a post-exploitation platform. With features like PTY spawning, privilege escalation automation, and persistence management, it simplifies red team operations across Linux and now Windows (alpha). Python 3.9+ required. #CyberSecurity #RedTeamTools

🔗 Project link on #GitHub 👉 github.com/calebstewart/pwncat

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

2025-05-16

2025-05-15 RDP #Honeypot IOCs - 11853 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
174.138.67.202 - 5121
128.199.168.88 - 3342
128.199.166.57 - 3060

Top ASNs:
AS14061 - 11541
AS14315 - 108
AS396982 - 36

Top Accounts:
hello - 11646
142.93.8.59 - 63
Test - 42

Top ISPs:
DigitalOcean, LLC - 11541
Internet Utilities NA LLC - 108
Google LLC - 36

Top Clients:
Unknown - 11853

Top Software:
Unknown - 11853

Top Keyboards:
Unknown - 11853

Top IP Classification:
hosting - 11712
Unknown - 138
mobile & hosting - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/etihbnUm

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-16

2025-05-15 RDP #Honeypot IOCs - 7902 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
174.138.67.202 - 3414
128.199.168.88 - 2228
128.199.166.57 - 2040

Top ASNs:
AS14061 - 7694
AS14315 - 72
AS396982 - 24

Top Accounts:
hello - 7764
142.93.8.59 - 42
Test - 28

Top ISPs:
DigitalOcean, LLC - 7694
Internet Utilities NA LLC - 72
Google LLC - 24

Top Clients:
Unknown - 7902

Top Software:
Unknown - 7902

Top Keyboards:
Unknown - 7902

Top IP Classification:
hosting - 7808
Unknown - 92
mobile & hosting - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/FuVmXrWF

#CyberSec #SOC #Blueteam #SecOps #Security

2025-05-16

2025-05-15 RDP #Honeypot IOCs - 3951 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
174.138.67.202 - 1707
128.199.168.88 - 1114
128.199.166.57 - 1020

Top ASNs:
AS14061 - 3847
AS14315 - 36
AS396982 - 12

Top Accounts:
hello - 3882
142.93.8.59 - 21
Test - 14

Top ISPs:
DigitalOcean, LLC - 3847
Internet Utilities NA LLC - 36
Google LLC - 12

Top Clients:
Unknown - 3951

Top Software:
Unknown - 3951

Top Keyboards:
Unknown - 3951

Top IP Classification:
hosting - 3904
Unknown - 46
mobile & hosting - 1

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/sCh9aRgn

#CyberSec #SOC #Blueteam #SecOps #Security

Tim (Wadhwa-)Brown :donor: timb_machine@infosec.exchange
2025-05-15

I love ATT&CK Community. Every 15-minute talk is an interesting idea. Data, threats, tools - what's not to like.

#att&ck, #redteam, #blueteam, #purpleteam, #dataanalytics, #security, #research

2025-05-15

Carrying out an attack

This scientific publication is devoted to the analysis of a cyberattack using widely recognized frameworks: MITRE ATT&CK, MITRE D3FEND, Cyber Kill Chain, and CVSS quantitative scoring, each of which offers a unique perspective on attackers' tactics, techniques, and behavioral patterns. The study focuses on the synergistic effect achieved when these models are applied together.

habr.com/ru/articles/909562/

#информационная_безопасность #кибербезопасность #threatanalysis #threatintelligence #mitre_attack #mitre_d3fend #redteam #blueteam #soc #cyberkill_chain
