I'm always appreciative of scripts using /dev/tcp to fetch payloads. At least there is some effort here! (versus the thousands wget/curl payloads I see daily)

#honeypot #dfir #infosec #cybersecurity #threatintel

I guess access security was an afterthought for this building

#infosec #security #inefficient

Can someone confirm, is this exploitation of CVE-2023-22522 ? First time seeing this today so I will create proper rules in Lophiid to start interaction with future exploitation attempts

#honeypot #infosec #threatdetection #dfir

Solved the messy yara results. Now letting AI make a summary and put that on top.

#lophiid #honeypot #yara #infosec