Week 04 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Digital Forensics Myanmar Network Action Predictor (Browser Forensic) SSD Recovery, Limitation a…

This Week In 4n6

Didn't know this one yet.

"Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group)."

https://github.com/fox-it/dissect
https://docs.dissect.tools/en/latest/

#digitalforensics #dfir

I rarely post here, but when I do... I just updated my Volatility autoruns plugin to be compatible with Volatility 3 (long overdue!) Here's the goodies: https://github.com/tomchop/volatility3-autoruns #dfir #forensics #cybersecurity

2026-01-24 RDP #Honeypot IOCs - 231 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
47.25.7.101 - 39
80.94.95.198 - 21
106.51.189.137 - 21

Top ASNs:
AS396982 - 48
AS20115 - 39
AS204428 - 21

Top Accounts:
142.93.8.59 - 108
hello - 21
Test - 18

Top ISPs:
Google LLC - 48
Charter Communications - 39
SS-Net - 21

Top Clients:
Unknown - 231

Top Software:
Unknown - 231

Top Keyboards:
Unknown - 231

Top IP Classification:
Unknown - 141
hosting - 90

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-01-24 RDP #Honeypot IOCs - 154 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
47.25.7.101 - 26
80.94.95.198 - 14
106.51.189.137 - 14

Top ASNs:
AS396982 - 32
AS20115 - 26
AS204428 - 14

Top Accounts:
142.93.8.59 - 72
hello - 14
Test - 12

Top ISPs:
Google LLC - 32
Charter Communications - 26
SS-Net - 14

Top Clients:
Unknown - 154

Top Software:
Unknown - 154

Top Keyboards:
Unknown - 154

Top IP Classification:
Unknown - 94
hosting - 60

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-01-24 RDP #Honeypot IOCs - 77 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
47.25.7.101 - 13
80.94.95.198 - 7
106.51.189.137 - 7

Top ASNs:
AS396982 - 16
AS20115 - 13
AS204428 - 7

Top Accounts:
142.93.8.59 - 36
hello - 7
Test - 6

Top ISPs:
Google LLC - 16
Charter Communications - 13
SS-Net - 7

Top Clients:
Unknown - 77

Top Software:
Unknown - 77

Top Keyboards:
Unknown - 77

Top IP Classification:
Unknown - 47
hosting - 30

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-01-23 RDP #Honeypot IOCs - 840 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.198.215 - 495
37.19.198.89 - 48
47.25.7.101 - 42

Top ASNs:
AS14061 - 525
AS212238 - 48
AS20115 - 42

Top Accounts:
hello - 615
142.93.8.59 - 174
Administr - 9

Top ISPs:
DigitalOcean, LLC - 525
Datacamp Limited - 48
Charter Communications - 42

Top Clients:
Unknown - 840

Top Software:
Unknown - 840

Top Keyboards:
Unknown - 840

Top IP Classification:
hosting - 609
Unknown - 171
hosting & proxy - 60

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-01-23 RDP #Honeypot IOCs - 560 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.198.215 - 330
37.19.198.89 - 32
47.25.7.101 - 28

Top ASNs:
AS14061 - 350
AS212238 - 32
AS20115 - 28

Top Accounts:
hello - 410
142.93.8.59 - 116
Administr - 6

Top ISPs:
DigitalOcean, LLC - 350
Datacamp Limited - 32
Charter Communications - 28

Top Clients:
Unknown - 560

Top Software:
Unknown - 560

Top Keyboards:
Unknown - 560

Top IP Classification:
hosting - 406
Unknown - 114
hosting & proxy - 40

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-01-23 RDP #Honeypot IOCs - 280 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
134.199.198.215 - 165
37.19.198.89 - 16
47.25.7.101 - 14

Top ASNs:
AS14061 - 175
AS212238 - 16
AS20115 - 14

Top Accounts:
hello - 205
142.93.8.59 - 58
Administr - 3

Top ISPs:
DigitalOcean, LLC - 175
Datacamp Limited - 16
Charter Communications - 14

Top Clients:
Unknown - 280

Top Software:
Unknown - 280

Top Keyboards:
Unknown - 280

Top IP Classification:
hosting - 203
Unknown - 57
hosting & proxy - 20

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

Discover what’s new on Forensic Focus – from preparing investigators for trauma exposure and examining the value of digital forensic triage, to covert cyber investigator well-being and the latest Oxygen Forensic KeyDiver webinar. https://www.forensicfocus.com/news/forensic-focus-digest-january-23-2026/ #DigitalForensics #DFIR