2026-04-04 RDP #Honeypot IOCs - 294 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 111
80.94.95.221 - 39
206.189.89.171 - 24

Top ASNs:
AS14061 - 135
AS204428 - 42
AS396982 - 39

Top Accounts:
hello - 135
Administr - 48
Domain - 27

Top ISPs:
DigitalOcean, LLC - 135
SS-Net - 42
Google LLC - 39

Top Clients:
Unknown - 294

Top Software:
Unknown - 294

Top Keyboards:
Unknown - 294

Top IP Classification:
hosting - 177
Unknown - 99
mobile - 18

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-04-04 RDP #Honeypot IOCs - 196 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 74
80.94.95.221 - 26
206.189.89.171 - 16

Top ASNs:
AS14061 - 90
AS204428 - 28
AS396982 - 26

Top Accounts:
hello - 90
Administr - 32
Domain - 18

Top ISPs:
DigitalOcean, LLC - 90
SS-Net - 28
Google LLC - 26

Top Clients:
Unknown - 196

Top Software:
Unknown - 196

Top Keyboards:
Unknown - 196

Top IP Classification:
hosting - 118
Unknown - 66
mobile - 12

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-04-04 RDP #Honeypot IOCs - 98 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 37
80.94.95.221 - 13
206.189.89.171 - 8

Top ASNs:
AS14061 - 45
AS204428 - 14
AS396982 - 13

Top Accounts:
hello - 45
Administr - 16
Domain - 9

Top ISPs:
DigitalOcean, LLC - 45
SS-Net - 14
Google LLC - 13

Top Clients:
Unknown - 98

Top Software:
Unknown - 98

Top Keyboards:
Unknown - 98

Top IP Classification:
hosting - 59
Unknown - 33
mobile - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

🧠 AsyncRAT Daily Report

⬇️ Trend: declining (30%)
📊 7 new samples
🌐 100 C2 servers

Full analysis, IOCs, and hashes:
https://www.yazoul.net/malware/async-rat/reports/2026-04-04

#CyberThreat #Malware #BlueTeam

AsyncRAT Report - 7 New Samples (Apr 2026) | Yazoul Malware Tracker

7 new AsyncRAT samples detected. Trend: declining (30%). Includes IOCs, hashes, C2 servers, and detection rates from MalwareBazaar.

Yazoul Security

2026-04-03 RDP #Honeypot IOCs - 1212 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 990
80.94.95.221 - 63
80.66.83.75 - 27

Top ASNs:
AS14061 - 993
AS204428 - 63
AS396982 - 36

Top Accounts:
hello - 990
Administr - 78
test - 39

Top ISPs:
DigitalOcean, LLC - 993
SS-Net - 63
Google LLC - 36

Top Clients:
Unknown - 1212

Top Software:
Unknown - 1212

Top Keyboards:
Unknown - 1212

Top IP Classification:
hosting - 1035
Unknown - 138
mobile - 39

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-04-03 RDP #Honeypot IOCs - 808 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 660
80.94.95.221 - 42
80.66.83.75 - 18

Top ASNs:
AS14061 - 662
AS204428 - 42
AS396982 - 24

Top Accounts:
hello - 660
Administr - 52
test - 26

Top ISPs:
DigitalOcean, LLC - 662
SS-Net - 42
Google LLC - 24

Top Clients:
Unknown - 808

Top Software:
Unknown - 808

Top Keyboards:
Unknown - 808

Top IP Classification:
hosting - 690
Unknown - 92
mobile - 26

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-04-03 RDP #Honeypot IOCs - 404 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 330
80.94.95.221 - 21
80.66.83.75 - 9

Top ASNs:
AS14061 - 331
AS204428 - 21
AS396982 - 12

Top Accounts:
hello - 330
Administr - 26
test - 13

Top ISPs:
DigitalOcean, LLC - 331
SS-Net - 21
Google LLC - 12

Top Clients:
Unknown - 404

Top Software:
Unknown - 404

Top Keyboards:
Unknown - 404

Top IP Classification:
hosting - 345
Unknown - 46
mobile - 13

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

🧠 Formbook Daily Report

⬇️ Trend: declining (24%)
📊 14 new samples
🌐 55 C2 servers

Full analysis, IOCs, and hashes:
https://www.yazoul.net/malware/formbook/reports/2026-04-03

#CyberThreat #Malware #BlueTeam

Formbook Report - 14 New Samples (Apr 2026) | Yazoul Malware Tracker

14 new Formbook samples detected. Trend: declining (24%). Includes IOCs, hashes, C2 servers, and detection rates from MalwareBazaar.

Yazoul Security

Another talk announcement!

🟣🤖 GOODBYE PURPLE TEAM, HELLO PURPLE BOTS - PATRICK MKHAEL & RALPH EL KHOURY 🛡️⚔️

What if purple teaming could run itself? πŸš€ This talk reveals an AI driven framework that simulates real world attacks, uncovers detection gaps, and continuously strengthens your defenses with zero manual effort. It's more than automation. It is a smart, self evolving security cycle where offense and defense work together in real time to stay ahead of threats.

Patrick Mkhael https://pretalx.com/bsidesluxembourg-2026/speaker/WHMGFD/ is an Offensive Security R&D lead with a strong blue team foundation, now focused on red teaming, cloud pentesting, and building tools for adversary emulation and automated security testing.

Ralph El Khoury https://pretalx.com/bsidesluxembourg-2026/speaker/X9QCJN/ is a red teamer and CVE hunter with a passion for breaking AD and web apps. Teaches kids to question everything, starting with default credentials.

📅 Conference dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg2026 #CyberSecurity #PurpleTeam #RedTeam #BlueTeam #AI

🛑 CRITICAL: CVE-2026-32213 impacts Azure AI Foundry. Improper authorization lets remote attackers fully compromise systems — no auth needed! Restrict access, enhance monitoring, & prep IR now. https://radar.offseq.com/threat/cve-2026-32213-cwe-285-improper-authorization-in-m-b7cd2d00 #OffSeq #Azure #Cloud #Vuln #BlueTeam