Common #usernames submitted to #honeypots - SANS Internet Storm Center https://isc.sans.edu/diary/rss/30188 #security #itsec #itesecurity
#Cybersecurity #Hacking #Honeypots #Surveillance: "Imagine being able to sit behind a hacker and observe them take control of a computer and play around with it.
That’s pretty much what two security researchers did thanks to a large network of computers set up as a honeypot for hackers.
The researchers deployed several Windows servers deliberately exposed on the internet, set up with Remote Desktop Protocol, or RDP, meaning that hackers could remotely control the compromised servers as if they were regular users, being able to type and click around.
Thanks to these honeypots, the researchers were able to record 190 million events and 100 hours of video footage of hackers taking control of the servers and performing a series of actions on them, including reconnaissance, installing malware that mines cryptocurrencies, using Android emulators to conduct click fraud, brute-forcing passwords for other computers, hiding the hackers’ identities by using the honeypot as a starting point for another attack, and even watching porn. The researchers said a hacker successfully logging into its honeypot can generate “tens of events” alone.
“It’s basically like a surveillance camera for RDP system because we see everything,” Andréanne Bergeron, who has a Ph.D. in criminology from the University of Montreal, told TechCrunch.
Bergeron, who also works for cybersecurity firm GoSecure, worked with her colleague Olivier Bilodeau on this research. The two presented their findings on Wednesday at the Black Hat cybersecurity conference in Las Vegas."
#Panasonic Warns That #IoT #Malware Attack Cycles Are Accelerating
The legacy electronics manufacturer is creating IoT #honeypots with its products to catch real-world threats and patch vulnerabilities in-house.
https://www.wired.com/story/panasonic-iot-malware-honeypots/
@AnarchoNinaWrites OFC!
In fact, all those services stink like the #Honeypots they are and I'd call LEAs to be "criminally incompetent" if they didn't sabotage it [#EncroChat] or did actually run it from day 0 [#ANØM]...
Cuz when push comes to shove, they'll all rat out their users!
https://www.youtube.com/watch?v=QCx_G_R0UmQ
https://twitter.com/thegrugq/status/1085614812581715968
WARNING: Many "russian" sites that advertise things like "PRIVATE" and "SECURE" go through CloudFlare.
#honeypots #astroturf #MitMAAS
@patrickcmiller
As she should. Any organization that stores such #SensitiveData should have #infosec on the same level as the #BigBanks (hardware token #MFA on every login, #DualControl on the most sensitive stuff, #honeypots, #IDS, etc.), but that was clearly not the case here. Hopefully, her #attorneys will mop the floor with this reckless organization, thereby setting a precedent that makes other #HealthcareProviders think twice about skimping on #cybersecurity.
IOW: You'd be better off with #XMPP - #OMEMO or #XMPP + #GnuPG / #OpenPGP over #Tor cuz even if your provider is being held at gunpoint, they can't snitch on you not only if they plausibly fake cooperation but even if their Network is pwned.
And that's why #ANØM, #EncroChat and all the other centralized #Honeypots will only catch #TechIlliterates and small fishes...
<shameless PR>
Well, I just registered my company on the fediverse as well!
If you're into #FreeBSD #Jail orchestration or #honeypots, give us a follow on @illuria !
</Shameless PR>
The other day I was telling how much I miss the days when we were running #honeypots that helped us learn a lot.
Very timely article by Karen Scarfone on how cyber deception technology strengthens enterprise security and why it's important:
#honeypots #cybersecurity #security #infosec
I'm assuming that Shakira read Intrusion Detection Honeypots. That inspired her to place the strawberry jam intentionally, checking its volume each time she returned from a trip.
https://www.thecut.com/2023/01/shakira-gerard-pique-jam.html
See-Think-Do 🍯
If you know where someone will look, you can control what they see. Put something valuable there, and you control what they think. Provide an opportunity for interaction and you can control what they do.
USA does not ever act in its own interest IMO since I have been trained to downplay my intelligence my whole life, had a sh!t education that put me in debt, this Country is run by fools put in power because their Daddy owned the biggest Buick dealership-and in the end trying to save the land I walk on in my community gets my daughter and I attacked with #HavanaSyndrome, #GangStalked, all while my taxes pay the salaries of my stalkers. At least our adversaries know to train smart women #Honeypots
Just released the T-Pot Attack Map 1.1.0. Images are already rolling out to T-Pot 22.04.x installations.
#tpot #honeypots #attackmap #telekom
https://github.com/t3chn0m4g3/t-pot-attack-map
https://github.com/telekom-security/tpotce
Today is a good day to add canary tokens to your infrastructure!
Did you know you can get free #CanaryTokens from @ThinkstCanary to alert on suspicious activity?
On https://canarytokens.org/generate, you can generate a whole range of “canaries”, or assets that look like one thing but will actually email you as soon as someone or something interacts with them.
A canary can be a PDF file called “password.pdf”, left on a server, a computer or attached to an email.
A canary can be AWS keys, left in a config file or committed in a private git repo.
A canary can listen for SQL commands or commands being run.
A canary can be an email address, included in customer or employee lists.
They are traps you place, so you know something’s been compromised and your team can start investigating immediately *.
Check out the documentation for more examples and use cases: https://docs.canarytokens.org/guide/
Set up your free #HoneyPots this month! #NewYearResolutions
* These are free so there are some limitations, but still super neat to have.
I love #honeypots. They are so useful for discovering new entries for my #blocklist.
Interesting. Normal attacks on one of my Ukraine #honeypots is 1000/day. Yesterday it jumped to over 11,000? Now to figure out why. #threatintel #threathunting #infosec #womeninstem
14 days running a secret Dark Web pedophile honeypot (and why I now think Tor is the devil). https://www.geekslop.com/technology-articles/computers-programming/hacking-and-security-technology-articles/2015/14-days-running-a-secret-dark-web-pedophile-honeypot-and-why-i-now-think-tor-is-the-devil #Hacking #Honeypots #Tor
@Raspberry_Pi This will be my project for tonight. Thanks. One does not live by #honeypots alone!
A short blog post about the h0neytr4p honeypot for blue teams developed by Subhash & Aakash. Easy to install, flexible and straightforward.
#honeypots #honeytrap #h0neytr4p #BlackHatEurope #blackhatArsenal #arsenal #tools #freesoftware #community #infosec #cybersecurity
https://www.stratosphereips.org/blog/2022/12/8/installing-h0neytr4p-in-the-cloud
Weekly Stratosphere's IoT honeypots activity dashboard.
#iot #iotsecurity #honeypots #cybersecurity #infosec #internetofthings