Mastodawn

24 hours until the CfP for "LAC-CSIRTs Meeting (LACNIC45 - Panama City, Panama)" closes: https://papercall.io/cfps/6188/submissions/new

#cfp #conference #Csirt #Security #Misp #Training #Dfir #Ransomware #Ddos #Community #Cybersecurity #Threat intelligence #Security awareness #Tabletop exercise #Artificial intelligence (ai) #Supply chain security #Iot security #Llm security #Vibe coding security #Lacnic45

PaperCall.io

Phillmoore 7h ago

Week 12 - 2026 #DFIR
https://thisweekin4n6.com/2026/03/22/week-12-2026/

Week 12 – 2026

Mobile Forensics CheatsheetMobile devices track vast amounts of user activity—often a goldmine of forensic evidence:- Device information- Application usage- Bluetooth and Wi-Fi connections- …and ot…

This Week In 4n6

RDP Snitch 20h ago

2026-03-21 RDP #Honeypot IOCs - 261 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
103.9.207.80 - 108
143.110.190.12 - 30
80.94.95.88 - 18

Top ASNs:
AS135905 - 108
AS396982 - 39
AS14061 - 30

Top Accounts:
hello - 144
Test - 36
Domain - 18

Top ISPs:
SUNSOFT - 108
Google LLC - 39
DigitalOcean, LLC - 30

Top Clients:
Unknown - 261

Top Software:
Unknown - 261

Top Keyboards:
Unknown - 261

Top IP Classification:
Unknown - 180
hosting - 75
proxy - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch 20h ago

2026-03-21 RDP #Honeypot IOCs - 174 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
103.9.207.80 - 72
143.110.190.12 - 20
80.94.95.88 - 12

Top ASNs:
AS135905 - 72
AS396982 - 26
AS14061 - 20

Top Accounts:
hello - 96
Test - 24
Domain - 12

Top ISPs:
SUNSOFT - 72
Google LLC - 26
DigitalOcean, LLC - 20

Top Clients:
Unknown - 174

Top Software:
Unknown - 174

Top Keyboards:
Unknown - 174

Top IP Classification:
Unknown - 120
hosting - 50
proxy - 4

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch 20h ago

2026-03-21 RDP #Honeypot IOCs - 87 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
103.9.207.80 - 36
143.110.190.12 - 10
80.94.95.88 - 6

Top ASNs:
AS135905 - 36
AS396982 - 13
AS14061 - 10

Top Accounts:
hello - 48
Test - 12
Domain - 6

Top ISPs:
SUNSOFT - 36
Google LLC - 13
DigitalOcean, LLC - 10

Top Clients:
Unknown - 87

Top Software:
Unknown - 87

Top Keyboards:
Unknown - 87

Top IP Classification:
Unknown - 60
hosting - 25
proxy - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

BrightByteLabs 1d ago

ThreatLab routes all sandbox traffic through dedicated WireGuard exit nodes across the US, UK, Germany, and Spain. Kill switch prevents IP leaks if the tunnel drops. Your real IP never touches the malware's C2.

threatlabsandbox.com

#dfir #blueteam #malwareanalysis #infosec #sigma #sysmon #incidentresponse #blueteam

RDP Snitch 1d ago

2026-03-20 RDP #Honeypot IOCs - 411 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 174
103.9.207.80 - 111
167.71.102.165 - 30

Top ASNs:
AS210558 - 174
AS135905 - 111
AS14061 - 45

Top Accounts:
hello - 147
Administrator - 87
Admin - 87

Top ISPs:
1337 Services GmbH - 174
SUNSOFT - 111
DigitalOcean, LLC - 45

Top Clients:
Unknown - 411

Top Software:
Unknown - 411

Top Keyboards:
Unknown - 411

Top IP Classification:
proxy - 180
Unknown - 147
hosting - 81

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch 1d ago

2026-03-20 RDP #Honeypot IOCs - 274 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 116
103.9.207.80 - 74
167.71.102.165 - 20

Top ASNs:
AS210558 - 116
AS135905 - 74
AS14061 - 30

Top Accounts:
hello - 98
Administrator - 58
Admin - 58

Top ISPs:
1337 Services GmbH - 116
SUNSOFT - 74
DigitalOcean, LLC - 30

Top Clients:
Unknown - 274

Top Software:
Unknown - 274

Top Keyboards:
Unknown - 274

Top IP Classification:
proxy - 120
Unknown - 98
hosting - 54

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch 1d ago

2026-03-20 RDP #Honeypot IOCs - 137 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 58
103.9.207.80 - 37
167.71.102.165 - 10

Top ASNs:
AS210558 - 58
AS135905 - 37
AS14061 - 15

Top Accounts:
hello - 49
Administrator - 29
Admin - 29

Top ISPs:
1337 Services GmbH - 58
SUNSOFT - 37
DigitalOcean, LLC - 15

Top Clients:
Unknown - 137

Top Software:
Unknown - 137

Top Keyboards:
Unknown - 137

Top IP Classification:
proxy - 60
Unknown - 49
hosting - 27

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

Beercow

1d ago

SmackThatHash features AmCache SHA1 variant and QuickXorHash (OneDrive). Run against a single file or entire folder recursively. Pick from preset hashes or roll your own. Console and csv output. #DFIR

https://github.com/Beercow/SmackThatHash

GitHub - Beercow/SmackThatHash: Hashing utility including AmCache SHA1 and QuickXorHash

Hashing utility including AmCache SHA1 and QuickXorHash - Beercow/SmackThatHash

GitHub