Ryosuke Eto

🛡️Threat Researcher🇯🇵
@GossiTheDog Thank you for the list of scan results. Was the first day you ran the scan July 6, or have you been doing it for longer?
RiskIQ has been acquired by MS. Is there no comparable pDNS service anywhere?
ArrayNetworks/Fortinet/Proself (online storage service) ...🤔 https://www.jpcert.or.jp/at/2023/at230029.html
Alert regarding multiple targeted cyber attack campaigns against externally accessible IT assets of Japanese organizations

JPCERT/CC

UPDATE: Cisco IOS XE Web UI CVE-2023-20198 version 2 BadCandy implant detection has dropped again 2023-11-03: https://dashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=compromised_website&source=compromised_website6&tag=device-implant%2B&group_by=geo&style=stacked

Note on 2023-11-02 Cisco updated their threat advisory on CVE-2023-20198/BadCandy with observations of a version 3:
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/

Over 2200 unique IPs seen with CVE-2023-20198 attempts on 2023-11-03 in our honeypot sensors (many different actors now probing)
https://dashboard.shadowserver.org/statistics/honeypot/monitoring/vulnerability/?category=monitoring&statistic=unique_ips&d2=2023-11-03&limit=100

Time series · General statistics · The Shadowserver Foundation

IMPORTANT: Surprise http://shadowserver.org domain suspension (changed to clientHold). Currently working hard to escalate with registrar and get back online, but all services currently impacted, including email
JPCERT/CC issued an alert to users in Japan, introducing an additional investigation report by Mandiant and related information from the FBI. #BarracudaESG #cve_2023_2868 #infosec #vulnerability
(Japanese only)
https://www.jpcert.or.jp/at/2023/at230017.html
Alert regarding ongoing attack activity exploiting the vulnerability (CVE-2023-2868) in Barracuda Email Security Gateway (ESG)

JPCERT/CC
Japan's JPCERT warns of new 'MalDoc in PDF' attack technique

Japan's JPCERT warns of a new recently detected 'MalDoc in PDF' attack that embeds malicious Word files into PDFs.

Security Affairs