2026-03-27 RDP #Honeypot IOCs - 2691 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 2283
38.76.31.20 - 216
14.236.13.46 - 33

Top ASNs:
AS18403 - 2283
AS174 - 216
AS396982 - 48

Top Accounts:
hello - 2574
Administr - 39
Test - 18

Top ISPs:
FPT Telecom Company - 2283
Cogent Communications - 216
Google LLC - 48

Top Clients:
Unknown - 2691

Top Software:
Unknown - 2691

Top Keyboards:
Unknown - 2691

Top IP Classification:
Unknown - 2610
hosting - 81

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-27 RDP #Honeypot IOCs - 1794 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 1522
38.76.31.20 - 144
14.236.13.46 - 22

Top ASNs:
AS18403 - 1522
AS174 - 144
AS396982 - 32

Top Accounts:
hello - 1716
Administr - 26
Test - 12

Top ISPs:
FPT Telecom Company - 1522
Cogent Communications - 144
Google LLC - 32

Top Clients:
Unknown - 1794

Top Software:
Unknown - 1794

Top Keyboards:
Unknown - 1794

Top IP Classification:
Unknown - 1740
hosting - 54

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-27 RDP #Honeypot IOCs - 897 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 761
38.76.31.20 - 72
14.236.13.46 - 11

Top ASNs:
AS18403 - 761
AS174 - 72
AS396982 - 16

Top Accounts:
hello - 858
Administr - 13
Test - 6

Top ISPs:
FPT Telecom Company - 761
Cogent Communications - 72
Google LLC - 16

Top Clients:
Unknown - 897

Top Software:
Unknown - 897

Top Keyboards:
Unknown - 897

Top IP Classification:
Unknown - 870
hosting - 27

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

Honeypot observation: status of observed probe packets searching for AI services available on public servers
https://qiita.com/melymmt/items/f86de420891531b2a017?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Security #honeypot #生成AI

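Introduction: This is Yamamoto (山元) from Mitsubishi Electric. Our honeypot observed probing activity targeting generative AI services. Development and service delivery using generative AI are expected to increase further. When that happens, configuration checks need to be strengthened so that generative AI models cannot be manipulated improperly from outside. ...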


Hunting AI infrastructure, part 2: what people do with someone else's Ollama, from trading bots to content farms

In the first part I described how a honeypot caught an MCP server scanner, a new reconnaissance vector aimed at AI infrastructure. Today is about the other side: what happens when an attacker finds an open Ollama. The article documents real sessions of abuse of open LLM instances: who connects, which prompts they send, which models they request. The data was collected from three honeypots (DE, US, RU) during March 2026.

https://habr.com/ru/articles/1015646/

#honeypot #ollama #docker #threat_intelligence #container_security #LLM #AI_security #resource_hijacking


2026-03-26 RDP #Honeypot IOCs - 4728 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 4176
143.198.111.35 - 372
194.164.107.5 - 30

Top ASNs:
AS18403 - 4176
AS14061 - 384
AS396982 - 36

Top Accounts:
hello - 4560
Administr - 42
Test - 33

Top ISPs:
FPT Telecom Company - 4176
DigitalOcean, LLC - 384
Google LLC - 36

Top Clients:
Unknown - 4728

Top Software:
Unknown - 4728

Top Keyboards:
Unknown - 4728

Top IP Classification:
Unknown - 4302
hosting & proxy - 372
hosting - 54

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-26 RDP #Honeypot IOCs - 3152 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 2784
143.198.111.35 - 248
194.164.107.5 - 20

Top ASNs:
AS18403 - 2784
AS14061 - 256
AS396982 - 24

Top Accounts:
hello - 3040
Administr - 28
Test - 22

Top ISPs:
FPT Telecom Company - 2784
DigitalOcean, LLC - 256
Google LLC - 24

Top Clients:
Unknown - 3152

Top Software:
Unknown - 3152

Top Keyboards:
Unknown - 3152

Top IP Classification:
Unknown - 2868
hosting & proxy - 248
hosting - 36

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-26 RDP #Honeypot IOCs - 1576 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 1392
143.198.111.35 - 124
194.164.107.5 - 10

Top ASNs:
AS18403 - 1392
AS14061 - 128
AS396982 - 12

Top Accounts:
hello - 1520
Administr - 14
Test - 11

Top ISPs:
FPT Telecom Company - 1392
DigitalOcean, LLC - 128
Google LLC - 12

Top Clients:
Unknown - 1576

Top Software:
Unknown - 1576

Top Keyboards:
Unknown - 1576

Top IP Classification:
Unknown - 1434
hosting & proxy - 124
hosting - 18

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-25 RDP #Honeypot IOCs - 4950 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 4233
143.198.111.35 - 636
80.94.95.221 - 12

Top ASNs:
AS18403 - 4233
AS14061 - 636
AS396982 - 36

Top Accounts:
hello - 4875
Administr - 18
(empty) - 9

Top ISPs:
FPT Telecom Company - 4233
DigitalOcean, LLC - 636
Google LLC - 36

Top Clients:
Unknown - 4950

Top Software:
Unknown - 4950

Top Keyboards:
Unknown - 4950

Top IP Classification:
Unknown - 4257
hosting & proxy - 636
hosting - 51

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

2026-03-25 RDP #Honeypot IOCs - 3300 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
183.81.35.16 - 2822
143.198.111.35 - 424
80.94.95.221 - 8

Top ASNs:
AS18403 - 2822
AS14061 - 424
AS396982 - 24

Top Accounts:
hello - 3250
Administr - 12
(empty) - 6

Top ISPs:
FPT Telecom Company - 2822
DigitalOcean, LLC - 424
Google LLC - 24

Top Clients:
Unknown - 3300

Top Software:
Unknown - 3300

Top Keyboards:
Unknown - 3300

Top IP Classification:
Unknown - 2838
hosting & proxy - 424
hosting - 34

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security