Lmst

Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to https://nxdomain.no/~peter/badness_enumerated_by_robots.html, and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.

And this only hours after I scared the cat by LOL from seeing that the #pop3gropers are actively trying the local parts of my freshly random spamtraps (see https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html a bit down the page). #passwordgroping #cybercrime

🔑 Hackers love unlimited login attempts—it’s their way in. Set limits to stop brute force attacks before they start. 🛡️
👉 https://zurl.co/isutE

#CyberSecurity #BruteForce #Zevonix

A nebula of Ukrainian networks engaged in brute force and password spraying

Pulse ID: 68be5c2e972874afe87ac04b
Pulse Link: https://otx.alienvault.com/pulse/68be5c2e972874afe87ac04b
Pulse Author: Tr1sa111
Created: 2025-09-08 04:31:42

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BruteForce #CyberSecurity #InfoSec #OTX #OpenThreatExchange #Password #RCE #UK #Ukr #Ukrainian #Word #bot #Tr1sa111

Dein achtstelliges Passwort ist in Sekunden geknackt!

Passwortlänge zählt 🔑 Ein 8-stelliges #Passwort kann in Sekunden #geknackt werden, während ein 16-stelliges Passwort selbst modernen Rechnern jahrelange Rechenzeit abverlangt.

Exponentielle Sicherheit 📊 Jede zusätzliche Stelle verdoppelt oder vervielfacht die möglichen Kombinationen und macht #BruteForce-Angriffe erheblich schwerer. (1/2)

#magicthegathering #mtg #BruteForce #WayneReynolds

Card Name: Brute Force
Set: Planar Chaos
Description: Target creature gets +3/+3 until end of turn.
Artist: Wayne Reynolds

Die 10 LEVEL des #Passwort-Knackens 🔓

https://www.youtube.com/watch?v=1voCT8jEIBw

#Passwörter
#Sicherheit
#Privatsphäre
#RainbowTables
#BruteForce

A coordinated brute-force campaign has targeted Fortinet SSL VPNs, over 780 unique IPs launched credential attacks on August 3, followed by a change of target from FortiOS to FortiManager.

Read: https://hackread.com/brute-force-campaign-fortinet-ssl-vpn-coordinated-attack/

#Cybersecurity #Fortinet #BruteForce #CyberAttack #FortiOS #FortiManager

On August 3, we observed the largest single-day spike in brute-force activity against Fortinet SSL VPNs in recent months. Full breakdown of the campaign and how we traced it: https://www.greynoise.io/blog/vulnerability-fortinet-vpn-bruteforce-spike

#Fortinet #Cybersecurity #ThreatIntel #BruteForce #GreyNoise #SSL #VPN

Surge in Brute-Force Attempts Against Fortinet SSL VPNs

Jemand versucht gerade exzessiv, eine von mir frisch aufgesetzte WordPress-Webseite per Brute Force zu hacken.

Die Seite ist von Beginn an (seit einigen Tagen) mit einem Wartungsbild online.

Das besondere dabei ist: der oder die Angreifer verwenden bei jedem neuen Zugriff eine andere IP-Adressen.

Warum ich denke, dass es sich um einen gezielten Angriff eines Täters oder einer Gruppe von Tätern handelt? Weil es besondere andere Anzeichen genau dafür gibt.

#BruteForce #WordPress #Login #Attacke

So we are again playing the #VPN #bruteforce trend. Starting July 25th we are recording a spike in #VPN brute force attacks.

They mainly come from a couple of providers, around a dozen of subnets, around a hundred of total IP addresses.

Nothing new, but significant event, are we on the verge of a new #ransomware wave?

Die #Wordpress-Seite meiner Band zeigt übrigens einen ähnlichen Trend. D. h. wir sind vermutlich "Teilnehmer" einer größeren Kampagne, die die verschiedensten Sites mit #BruteForce-Angriffen beglücken.

Grafik fehlgeschlagener Anmeldeversuchen auf krachomantik.de

Hier noch etwas langfristige Statistik zum Thema #BruteForce auf #Wordpress: Obwohl es deutlich mehr ruhige Tage gibt, haben wir langfristig einen Schnitt von ca. 160 Login-Versuchen pro Tag auf unsere Webseite.

Statistik zu Brute Force Versuchen auf unsere Webseite.

Momentan erleben wir mal wieder eine #BruteForce Attacke auf unsere Webseite. Das passiert immer mal wieder und ist völlig normal, wenn man eine #Wordpress-Seite im Internet hat. Wir nutzen das Plugin Limit Login Attempts Reloaded in der kostenlosen und lokalen Version, um das überhaupt mitzubekommen und häufige IPs zu sperren.

Grafik zeigt einen Anstieg der fehlgeschlagenen Anmeldeversuche von 0 auf >3500

Exhaustive enumeration of Rogue seeds progress:

I've created an S3 bucket full of bitmaps for each room "feature" (currently only position and size), one bit per seed. This will allow reverse lookups -- if we want to find seeds where room 0 has height 6 and width 17, we can AND the corresponding bitmaps and find which bits are set. This is about 231GiB large.

But, the slow part is actually uploading to S3. Running a complete enumeration locally takes less than 14 minutes (and this without any particular effort put into optimization or parallelization!) So building a query engine over this data may not be worth the investment if it only takes that little time to run an exhaustive search.

I'm still thinking of a visualization. There are 2529 possible room configurations so a nice 51x50 grid could plot the relative frequency of each, in each room position. But, this makes large rooms look more probable than they are. (Rogue picks a room size and then places it to fit second, so there are many configurations for small rooms and only one for the largest room.)

However, this is still Rogue(*) not real Rogue. A small variant in which monsters are placed _after_ room creation, not _during_.

#Rogue #ProceduralContentGeneration #BruteForce

A screenshot of S3 showing 4MiB files named things like 00000000-room0-width16 which is <start of seed range>-<room 0 through 9>-<feature>.

A console log showing the 'time' output for a complete enumeration -- it reads 13m32.998 seconds. The end of a table is shown listing room id, configuration id, height, y offset, width, x offset, and the count of rooms with that configuration.

This says there are 40,775,101 seeds that produce a 25x7 room in the lower-right corner.

---EDIT---
DONE! Thx a Lot Magic People!!!

---/EDIT---

Hey Fediverse please do your magic:

I need the password-cracking table from Hive, but i guess I'm to dumb to sign up, or my security settings prevent me from getting in contact with them.

Can anybody provide me with a high res version of the table?

https://www.hivesystems.com/blog/are-your-passwords-in-the-green

Thx a lot and please boost

#fedihelp #password #security #hacking #cracking #bruteforce

#blog #article #informatique #cybersecurity #bruteforce
https://www.londonblog.ch/london-blog/b61825a/blog-article-2

Apache Tomcat is under siege—hackers are unleashing coordinated brute-force attacks on management panels by exploiting weak configurations. Could your server be at risk? Dive into the tactics and learn how to beef up your defenses.

https://thedefendopsdiaries.com/enhanced-security-measures-against-apache-tomcat-brute-force-attacks/

#apachetomcat
#bruteforce
#cybersecurity
#securitymeasures
#infosec

💡 Vulnerabilità Google: numeri utente ottenibili in meno di 20 minuti

https://gomoot.com/vulnerabilita-google-numeri-utente-ottenibili-in-meno-di-20-minuti

#blog #botguard #bruteforce #endpoint #google #javascript #news #password #picks #tech #tecnologia

Google just patched a flaw in its account recovery process that let attackers brute-force users' phone numbers. Imagine your number being one guess away from exposure—what does that mean for your online security? Read more.

https://thedefendopsdiaries.com/googles-account-recovery-vulnerability-a-closer-look/

#googlevulnerability
#accountsecurity
#cybersecurity
#infosec
#bruteforce