2026-06-14 RDP #Honeypot IOCs - 1125 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 990
159.223.238.255 - 30
193.169.194.14 - 24

Top ASNs:
AS14061 - 1020
AS396982 - 36
AS214576 - 24

Top Accounts:
hello - 1020
(empty) - 33
Domain - 9

Top ISPs:
DigitalOcean, LLC - 1020
Google LLC - 36
Berdiev Ruslan Mukhabatovich - 24

Top Clients:
Unknown - 1125

Top Software:
Unknown - 1125

Top Keyboards:
Unknown - 1125

Top IP Classification:
hosting - 1068
Unknown - 54
proxy - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-06-14 RDP #Honeypot IOCs - 750 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 660
159.223.238.255 - 20
193.169.194.14 - 16

Top ASNs:
AS14061 - 680
AS396982 - 24
AS214576 - 16

Top Accounts:
hello - 680
(empty) - 22
Domain - 6

Top ISPs:
DigitalOcean, LLC - 680
Google LLC - 24
Berdiev Ruslan Mukhabatovich - 16

Top Clients:
Unknown - 750

Top Software:
Unknown - 750

Top Keyboards:
Unknown - 750

Top IP Classification:
hosting - 712
Unknown - 36
proxy - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-06-14 RDP #Honeypot IOCs - 375 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 330
159.223.238.255 - 10
193.169.194.14 - 8

Top ASNs:
AS14061 - 340
AS396982 - 12
AS214576 - 8

Top Accounts:
hello - 340
(empty) - 11
Domain - 3

Top ISPs:
DigitalOcean, LLC - 340
Google LLC - 12
Berdiev Ruslan Mukhabatovich - 8

Top Clients:
Unknown - 375

Top Software:
Unknown - 375

Top Keyboards:
Unknown - 375

Top IP Classification:
hosting - 356
Unknown - 18
proxy - 1

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

What parts of #detection #engineering do people find difficult?

#blueteam

Security Tip: Your Incident Response is only as good as your logs. 🛡️ In a crisis, visibility is everything. Centralize your logs in a secure, immutable location and ensure retention policies align with your risk profile. If you aren't logging it, you can't investigate the breach effectively. Stay informed on the latest vulnerabilities at https://cvedatabase.com #InfoSec #CyberSecurity #IncidentResponse #BlueTeam #SysAdmin

2026-06-13 RDP #Honeypot IOCs - 2172 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 1980
80.94.95.221 - 54
193.169.194.14 - 24

Top ASNs:
AS14061 - 2004
AS204428 - 54
AS396982 - 48

Top Accounts:
hello - 2010
Administr - 54
(empty) - 24

Top ISPs:
DigitalOcean, LLC - 2004
SS-Net - 54
Google LLC - 48

Top Clients:
Unknown - 2172

Top Software:
Unknown - 2172

Top Keyboards:
Unknown - 2172

Top IP Classification:
hosting - 2070
Unknown - 99
hosting & proxy - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-06-13 RDP #Honeypot IOCs - 1448 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 1320
80.94.95.221 - 36
193.169.194.14 - 16

Top ASNs:
AS14061 - 1336
AS204428 - 36
AS396982 - 32

Top Accounts:
hello - 1340
Administr - 36
(empty) - 16

Top ISPs:
DigitalOcean, LLC - 1336
SS-Net - 36
Google LLC - 32

Top Clients:
Unknown - 1448

Top Software:
Unknown - 1448

Top Keyboards:
Unknown - 1448

Top IP Classification:
hosting - 1380
Unknown - 66
hosting & proxy - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-06-13 RDP #Honeypot IOCs - 724 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.228.58 - 660
80.94.95.221 - 18
193.169.194.14 - 8

Top ASNs:
AS14061 - 668
AS204428 - 18
AS396982 - 16

Top Accounts:
hello - 670
Administr - 18
(empty) - 8

Top ISPs:
DigitalOcean, LLC - 668
SS-Net - 18
Google LLC - 16

Top Clients:
Unknown - 724

Top Software:
Unknown - 724

Top Keyboards:
Unknown - 724

Top IP Classification:
hosting - 690
Unknown - 33
hosting & proxy - 1

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

"Attackers only need to be right once": this myth deserves to be turned on its head. It downplays the real asymmetry: defenders can detect, contain, learn. A solid defensive posture also means reducing the blast radius when it happens, not just hoping it doesn't happen. #infosec #blueteam #threatmodel
https://www.pwndefend.com/2026/06/13/cyber-myth-attackers-only-have-to-be-right-once-defenders-have-to-be-right-all-the-time/
Cyber Myth: Attackers only have to be right once, Defenders have to be right all the time! – PwnDefend

2026-06-12 RDP #Honeypot IOCs - 1230 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.198.215 - 510
168.144.29.9 - 510
159.223.238.255 - 81

Top ASNs:
AS14061 - 1101
AS10439 - 33
AS396982 - 27

Top Accounts:
hello - 1104
(empty) - 27
Administr - 21

Top ISPs:
DigitalOcean, LLC - 1101
CariNet, Inc. - 33
Google LLC - 27

Top Clients:
Unknown - 1230

Top Software:
Unknown - 1230

Top Keyboards:
Unknown - 1230

Top IP Classification:
hosting - 1164
Unknown - 54
hosting & proxy - 6

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security