DEF CON Training Las Vegas 2026 Course Lineup is now live!

We’re thrilled to share the full slate of courses for DEF CON Training in Las Vegas! Join us in August for hands-on courses led by top practitioners from across the community.

For the first time ever, we will offer 1-day, 2-day, and 4-day classes! Whatever your needs, whether you’re sharpening fundamentals or diving deep into advanced techniques, there’s something here for you!

Explore the full lineup and course details here: https://training.defcon.org/

Explore our offerings, grab your seat, and get ready to learn and build.

#DEFCON #DEFCONTraining #LasVegas #DC34 #Cybersecurity #Training #InfoSec #HackerCommunity #RedTeam #BlueTeam #AI #CyberTraining

"The kill chain matters, because detection is in part a timing problem. The later you detect, the worse things get."
Truer words I have not recently heard. This is a fantastic post about why C2 detection should not be your first line of defense. #BlueTeam
https://medium.com/breakout-time/the-c2-trap-3acabbc7a04f
The C2 Trap

Start at the Beginning. Not at the End

Medium
Fraud today is a relay race: bots create accounts, residential proxies hide 'em, humans take over & cash out. Single-signal checks (IP, device) won’t cut it; you need end-to-end correlation of IP, identity, device, and behavior. #Blueteam #cybersecurity 🔗https://zurl.co/I5UIE
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers

Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it.

BleepingComputer

🧪 DFIR Labs | Monthly Giveaways

We’re launching monthly giveaways inside DFIR Labs 🎉

Get access to exclusive giveaways and hands-on help with your investigations.

Join the DFIR Labs Discord — purchase any case or subscription to unlock access.

👉 https://dfirlabs.thedfirreport.com/

#DFIR #InfoSec #BlueTeam #ThreatHunting #DigitalForensics #CyberSecurity

DFIR Labs Portal - Digital Forensics Training

A post about identifying key areas of Configuration Manager (SCCM) infrastructure that defenders can implement for deception solutions

https://specterops.io/blog/2026/02/19/mapping-deception-solutions-with-bloodhound-opengraph-configuration-manager

#infosec #cybersecurity #redteam #blueteam #windows #dfir

Mapping Deception Solutions With BloodHound OpenGraph – Configuration Manager

Deception and canary development implemented in SCCM can be used to alert upon cyber attacks and intrusions. This blog provides step by step guidance to implement deception solutions and use BloodHound OpenGraph for planning.

SpecterOps

2026-03-31 RDP #Honeypot IOCs - 705 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 495
143.110.190.12 - 36
80.66.83.75 - 27

Top ASNs:
AS14061 - 531
AS216473 - 42
AS396982 - 36

Top Accounts:
hello - 531
Administr - 39
Domain - 36

Top ISPs:
DigitalOcean, LLC - 531
Bashinskii Vadim Ruslanovich - 42
Google LLC - 36

Top Clients:
Unknown - 705

Top Software:
Unknown - 705

Top Keyboards:
Unknown - 705

Top IP Classification:
hosting & proxy - 495
Unknown - 102
hosting - 96

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-31 RDP #Honeypot IOCs - 470 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 330
143.110.190.12 - 24
80.66.83.75 - 18

Top ASNs:
AS14061 - 354
AS216473 - 28
AS396982 - 24

Top Accounts:
hello - 354
Administr - 26
Domain - 24

Top ISPs:
DigitalOcean, LLC - 354
Bashinskii Vadim Ruslanovich - 28
Google LLC - 24

Top Clients:
Unknown - 470

Top Software:
Unknown - 470

Top Keyboards:
Unknown - 470

Top IP Classification:
hosting & proxy - 330
Unknown - 68
hosting - 64

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-31 RDP #Honeypot IOCs - 235 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 165
143.110.190.12 - 12
80.66.83.75 - 9

Top ASNs:
AS14061 - 177
AS216473 - 14
AS396982 - 12

Top Accounts:
hello - 177
Administr - 13
Domain - 12

Top ISPs:
DigitalOcean, LLC - 177
Bashinskii Vadim Ruslanovich - 14
Google LLC - 12

Top Clients:
Unknown - 235

Top Software:
Unknown - 235

Top Keyboards:
Unknown - 235

Top IP Classification:
hosting & proxy - 165
Unknown - 34
hosting - 32

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-30 RDP #Honeypot IOCs - 681 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 495
80.66.83.74 - 27
80.94.95.221 - 21

Top ASNs:
AS14061 - 495
AS396982 - 45
AS204428 - 45

Top Accounts:
hello - 510
Administr - 54
Domain - 45

Top ISPs:
DigitalOcean, LLC - 495
Google LLC - 45
SS-Net - 45

Top Clients:
Unknown - 681

Top Software:
Unknown - 681

Top Keyboards:
Unknown - 681

Top IP Classification:
hosting & proxy - 495
Unknown - 117
hosting - 51

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-30 RDP #Honeypot IOCs - 454 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
143.198.111.35 - 330
80.66.83.74 - 18
80.94.95.221 - 14

Top ASNs:
AS14061 - 330
AS396982 - 30
AS204428 - 30

Top Accounts:
hello - 340
Administr - 36
Domain - 30

Top ISPs:
DigitalOcean, LLC - 330
Google LLC - 30
SS-Net - 30

Top Clients:
Unknown - 454

Top Software:
Unknown - 454

Top Keyboards:
Unknown - 454

Top IP Classification:
hosting & proxy - 330
Unknown - 78
hosting - 34

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security