2026-05-17 RDP #Honeypot IOCs - 159 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.169.194.14 - 72
161.35.55.223 - 12
198.235.24.243 - 9

Top ASNs:
AS214576 - 72
AS396982 - 36
AS14061 - 24

Top Accounts:
(empty) - 75
jgjizn6a - 12
Domain - 9

Top ISPs:
Berdiev Ruslan Mukhabatovich - 72
Google LLC - 36
DigitalOcean, LLC - 24

Top Clients:
Unknown - 159

Top Software:
Unknown - 159

Top Keyboards:
Unknown - 159

Top IP Classification:
Unknown - 87
hosting - 69
hosting & proxy - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-17 RDP #Honeypot IOCs - 106 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.169.194.14 - 48
161.35.55.223 - 8
198.235.24.243 - 6

Top ASNs:
AS214576 - 48
AS396982 - 24
AS14061 - 16

Top Accounts:
(empty) - 50
jgjizn6a - 8
Domain - 6

Top ISPs:
Berdiev Ruslan Mukhabatovich - 48
Google LLC - 24
DigitalOcean, LLC - 16

Top Clients:
Unknown - 106

Top Software:
Unknown - 106

Top Keyboards:
Unknown - 106

Top IP Classification:
Unknown - 58
hosting - 46
hosting & proxy - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-17 RDP #Honeypot IOCs - 53 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.169.194.14 - 24
161.35.55.223 - 4
198.235.24.243 - 3

Top ASNs:
AS214576 - 24
AS396982 - 12
AS14061 - 8

Top Accounts:
(empty) - 25
jgjizn6a - 4
Domain - 3

Top ISPs:
Berdiev Ruslan Mukhabatovich - 24
Google LLC - 12
DigitalOcean, LLC - 8

Top Clients:
Unknown - 53

Top Software:
Unknown - 53

Top Keyboards:
Unknown - 53

Top IP Classification:
Unknown - 29
hosting - 23
hosting & proxy - 1

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-16 RDP #Honeypot IOCs - 258 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 81
193.169.194.14 - 30
45.142.193.145 - 24

Top ASNs:
AS210558 - 81
AS396982 - 48
AS214576 - 30

Top Accounts:
Administrator - 81
Test - 39
(empty) - 30

Top ISPs:
1337 Services GmbH - 81
Google LLC - 48
Berdiev Ruslan Mukhabatovich - 30

Top Clients:
Unknown - 258

Top Software:
Unknown - 258

Top Keyboards:
Unknown - 258

Top IP Classification:
Unknown - 114
proxy - 93
hosting - 51

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-16 RDP #Honeypot IOCs - 172 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 54
193.169.194.14 - 20
45.142.193.145 - 16

Top ASNs:
AS210558 - 54
AS396982 - 32
AS214576 - 20

Top Accounts:
Administrator - 54
Test - 26
(empty) - 20

Top ISPs:
1337 Services GmbH - 54
Google LLC - 32
Berdiev Ruslan Mukhabatovich - 20

Top Clients:
Unknown - 172

Top Software:
Unknown - 172

Top Keyboards:
Unknown - 172

Top IP Classification:
Unknown - 76
proxy - 62
hosting - 34

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-16 RDP #Honeypot IOCs - 86 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
193.26.115.213 - 27
193.169.194.14 - 10
45.142.193.145 - 8

Top ASNs:
AS210558 - 27
AS396982 - 16
AS214576 - 10

Top Accounts:
Administrator - 27
Test - 13
(empty) - 10

Top ISPs:
1337 Services GmbH - 27
Google LLC - 16
Berdiev Ruslan Mukhabatovich - 10

Top Clients:
Unknown - 86

Top Software:
Unknown - 86

Top Keyboards:
Unknown - 86

Top IP Classification:
Unknown - 38
proxy - 31
hosting - 17

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

New write-up: Weak SecOps exposed a ClickFix admin dashboard.

This investigation highlights exposed backups, hardcoded API keys, weak upload validation, and how stolen WordPress credentials were used to spread malware in a worm-like ClickFix campaign that is still active.

Read here:
https://potato.id/en/posts/weak-secops-exposed-clickfix-dashboard/

#CyberSecurity #Infosec #DFIR #ThreatIntelligence #ThreatHunting #IncidentResponse #MalwareAnalysis #WebSecurity #WordPressSecurity #OSINT #C2 #MalwareCampaign #SecOps #tech

How I Get Access ClickFix Dashboard Due to Bad SecOps

Discover how weak SecOps practices exposed a ClickFix admin dashboard. This cybersecurity case study covers reconnaissance techniques, security misconfigurations and key lessons learned.

Jonias Fortuna

Phishing with URI spoofing: or how one sneaky redirect can steal your passwords

Hi everyone! I want to share a type of phishing that may not be new but is, in my view, quite sophisticated. Some of you have surely run into this method already, while for others it will be new.

https://habr.com/ru/articles/1035814/

#fishing #secops #blueteam #malicious_software_removal_tool

2026-05-15 RDP #Honeypot IOCs - 243 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
179.41.3.66 - 132
111.170.152.113 - 15
45.142.193.145 - 12

Top ASNs:
AS22927 - 132
AS396982 - 36
AS151185 - 15

Top Accounts:
hello - 153
Test - 24
(empty) - 9

Top ISPs:
Telefonica de Argentina - 132
Google LLC - 36
China Telecom - 15

Top Clients:
Unknown - 243

Top Software:
Unknown - 243

Top Keyboards:
Unknown - 243

Top IP Classification:
Unknown - 183
hosting - 42
proxy - 12

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-05-15 RDP #Honeypot IOCs - 162 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
179.41.3.66 - 88
111.170.152.113 - 10
45.142.193.145 - 8

Top ASNs:
AS22927 - 88
AS396982 - 24
AS151185 - 10

Top Accounts:
hello - 102
Test - 16
(empty) - 6

Top ISPs:
Telefonica de Argentina - 88
Google LLC - 24
China Telecom - 10

Top Clients:
Unknown - 162

Top Software:
Unknown - 162

Top Keyboards:
Unknown - 162

Top IP Classification:
Unknown - 122
hosting - 28
proxy - 8

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security