2026-03-28 RDP #Honeypot IOCs - 765 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 495
38.76.31.20 - 108
80.94.95.221 - 48

Top ASNs:
AS14061 - 510
AS174 - 108
AS204428 - 63

Top Accounts:
hello - 606
Administr - 87
Test - 12

Top ISPs:
DigitalOcean, LLC - 510
Cogent Communications - 108
SS-Net - 63

Top Clients:
Unknown - 765

Top Software:
Unknown - 765

Top Keyboards:
Unknown - 765

Top IP Classification:
hosting & proxy - 510
Unknown - 216
hosting - 39

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-28 RDP #Honeypot IOCs - 510 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 330
38.76.31.20 - 72
80.94.95.221 - 32

Top ASNs:
AS14061 - 340
AS174 - 72
AS204428 - 42

Top Accounts:
hello - 404
Administr - 58
Test - 8

Top ISPs:
DigitalOcean, LLC - 340
Cogent Communications - 72
SS-Net - 42

Top Clients:
Unknown - 510

Top Software:
Unknown - 510

Top Keyboards:
Unknown - 510

Top IP Classification:
hosting & proxy - 340
Unknown - 144
hosting - 26

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-28 RDP #Honeypot IOCs - 255 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 165
38.76.31.20 - 36
80.94.95.221 - 16

Top ASNs:
AS14061 - 170
AS174 - 36
AS204428 - 21

Top Accounts:
hello - 202
Administr - 29
Test - 4

Top ISPs:
DigitalOcean, LLC - 170
Cogent Communications - 36
SS-Net - 21

Top Clients:
Unknown - 255

Top Software:
Unknown - 255

Top Keyboards:
Unknown - 255

Top IP Classification:
hosting & proxy - 170
Unknown - 72
hosting - 13

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-27 RDP #Honeypot IOCs - 2691 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 2283
38.76.31.20 - 216
14.236.13.46 - 33

Top ASNs:
AS18403 - 2283
AS174 - 216
AS396982 - 48

Top Accounts:
hello - 2574
Administr - 39
Test - 18

Top ISPs:
FPT Telecom Company - 2283
Cogent Communications - 216
Google LLC - 48

Top Clients:
Unknown - 2691

Top Software:
Unknown - 2691

Top Keyboards:
Unknown - 2691

Top IP Classification:
Unknown - 2610
hosting - 81

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-27 RDP #Honeypot IOCs - 1794 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 1522
38.76.31.20 - 144
14.236.13.46 - 22

Top ASNs:
AS18403 - 1522
AS174 - 144
AS396982 - 32

Top Accounts:
hello - 1716
Administr - 26
Test - 12

Top ISPs:
FPT Telecom Company - 1522
Cogent Communications - 144
Google LLC - 32

Top Clients:
Unknown - 1794

Top Software:
Unknown - 1794

Top Keyboards:
Unknown - 1794

Top IP Classification:
Unknown - 1740
hosting - 54

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-27 RDP #Honeypot IOCs - 897 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 761
38.76.31.20 - 72
14.236.13.46 - 11

Top ASNs:
AS18403 - 761
AS174 - 72
AS396982 - 16

Top Accounts:
hello - 858
Administr - 13
Test - 6

Top ISPs:
FPT Telecom Company - 761
Cogent Communications - 72
Google LLC - 16

Top Clients:
Unknown - 897

Top Software:
Unknown - 897

Top Keyboards:
Unknown - 897

Top IP Classification:
Unknown - 870
hosting - 27

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

Just Announced for BSides Luxembourg 2026!

๐—™๐—ฅ๐—ข๐—  ๐—›๐—ข๐—จ๐—ฅ๐—ฆ ๐—ง๐—ข ๐— ๐—œ๐—ก๐—จ๐—ง๐—˜๐—ฆ: ๐—”๐—จ๐—ง๐—ข๐— ๐—”๐—ง๐—œ๐—ก๐—š ๐—œ๐—ก๐—–๐—œ๐——๐—˜๐—ก๐—ง ๐—ฅ๐—˜๐—ฆ๐—ฃ๐—ข๐—ก๐—ฆ๐—˜ ๐—ง๐—ฅ๐—œ๐—”๐—š๐—˜ ๐—ช๐—œ๐—ง๐—› ๐—ข๐—ฃ๐—˜๐—ก-๐—ฆ๐—ข๐—จ๐—ฅ๐—–๐—˜ ๐—ง๐—ข๐—ข๐—Ÿ๐—ฆ - ๐— ๐—”๐—ฅ๐—ž๐—จ๐—ฆ ๐—˜๐—œ๐—ก๐—”๐—ฅ๐—ฆ๐—ฆ๐—ข๐—ก

Speed is critical in incident response, and traditional forensic processes often slow teams down. This session demonstrates how to automate forensic triage using open-source tools—transforming data collection, analysis, and collaboration into a streamlined, cloud-driven workflow. By integrating tools like Velociraptor, OpenRelik, Hayabusa, Plaso/log2timeline, and Timesketch, responders can reduce investigation time from hours to minutes while maintaining forensic integrity and improving team collaboration.

Markus Einarsson https://linkedin.com/in/markuseinarsson/ is a Security Architect and Incident Response Lead at Sectra in Sweden, specializing in digital forensics, incident response, and scalable security workflows, with deep expertise in modern DFIR toolchains and open-source automation.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #IncidentResponse #DigitalForensics #DFIR #CyberSecurity #OpenSource

I may regret this. You may regret this.

I've just put out a Linux forensics scenario for you all to play around with. There's a contest. Your submissions are due by 2026-04-15 23:59 UTC.

https://righteousit.com/2026/03/27/linux-forensic-scenario/

#DFIR #Linux

2026-03-26 RDP #Honeypot IOCs - 4728 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 4176
143.198.111.35 - 372
194.164.107.5 - 30

Top ASNs:
AS18403 - 4176
AS14061 - 384
AS396982 - 36

Top Accounts:
hello - 4560
Administr - 42
Test - 33

Top ISPs:
FPT Telecom Company - 4176
DigitalOcean, LLC - 384
Google LLC - 36

Top Clients:
Unknown - 4728

Top Software:
Unknown - 4728

Top Keyboards:
Unknown - 4728

Top IP Classification:
Unknown - 4302
hosting & proxy - 372
hosting - 54

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-26 RDP #Honeypot IOCs - 3152 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 2784
143.198.111.35 - 248
194.164.107.5 - 20

Top ASNs:
AS18403 - 2784
AS14061 - 256
AS396982 - 24

Top Accounts:
hello - 3040
Administr - 28
Test - 22

Top ISPs:
FPT Telecom Company - 2784
DigitalOcean, LLC - 256
Google LLC - 24

Top Clients:
Unknown - 3152

Top Software:
Unknown - 3152

Top Keyboards:
Unknown - 3152

Top IP Classification:
Unknown - 2868
hosting & proxy - 248
hosting - 36

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security