Data Breach Today

MAY 6, 2022

Cybersecurity firm CrowdStrike's researchers say that through their Docker Engine honeypots, they observed two different Docker images targeting these assets. Unsuspecting Hosts Are Potential Targets for Retaliation Containers and cloud-based resources are being used to launch DoS attacks against Russian, Belarusian and Lithuanian websites.

Honeypots 246

Honeypots Cloud Cybersecurity 246

Data Breach Today

JUNE 12, 2020

Cybereason CISO Israel Barak Shares Latest Honeypot Findings Cybereason's latest honeypot-derived research reveals that threat actors are increasingly targeting critical infrastructure providers with multistage ransomware attacks. CISO Israel Barak details why these strikes are so prevalent and concerning.

Honeypots 191

Honeypots Ransomware 191

Krebs on Security

MARCH 28, 2021

The group looks for attacks on Exchange systems using a combination of active Internet scans and “honeypots” — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how. “We have been testing 367 known web shell paths via scanning of Exchange servers.”

Honeypots 357

Honeypots Mining Encryption Communications 357

Schneier on Security

AUGUST 17, 2020

A group of researchers set up a telephony honeypot and tracked robocall behavior : NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said to have received 1,481,201 unsolicited calls -- even if they never made their phone numbers public via any source.

Honeypots 81

Honeypots Paper Metadata IT 81

Dark Reading

APRIL 22, 2020

When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.

Honeypots 84

Honeypots 84

Dark Reading

JANUARY 15, 2020

Honeypots are crucial tools for security researchers and security teams. Understanding what they are and what they can do can be critical for making them safe and useful for your organization.

Honeypots 69

Honeypots Security 69

KnowBe4

NOVEMBER 22, 2024

Appealing to the most depraved of society, threat group FIN7 use the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT.

Honeypots 116

Honeypots Phishing Security 116

Krebs on Security

MARCH 9, 2021

“There are researchers running honeypots to [attract] attacks from different groups, and those honeypots are getting shelled left and right,” she said. And given the number of adversaries currently attacking still-unpatched Exchange systems, there is almost no way this won’t end in disaster for at least some victims.

Honeypots 357

Honeypots Ransomware Military Security 357

Schneier on Security

JULY 12, 2021

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.

Honeypots 145

Honeypots IT Encryption 145

Security Affairs

FEBRUARY 18, 2019

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. In other words: HoneyPots. I run a personal HoneyPot network which stands from years and over time it harvested numerous IP addresses which could be, potentially, malicious (typically scanners).

Honeypots 110

Honeypots Computer and Electronics Mining Cybersecurity 110

Security Affairs

JULY 10, 2020

Johannes Ullrich, the head of research at the SANS Technology Institute, confirmed that one of its honeypots set up to capture attacks attempting to exploit the recently disclosed flaw in the F5 Networks’ BIG-IP systems was targeted by hackers attempting to exploit two of the recent Citrix vulnerabilities.

Honeypots 144

Honeypots Authentication Access IT 144

Security Affairs

NOVEMBER 19, 2020

To conduct this investigation, a CyberNews researcher infiltrated an IRC botnet that we captured in one of our honeypots. Our honeypot setup. In cybersecurity terms, a honeypot is a decoy service or system that poses as a target for malicious actors. Here’s how it all happened. About this investigation.

Honeypots 145

Honeypots IoT Communications IT 145

KnowBe4

JULY 29, 2024

Fortune 500 conglomerate, and another detailing the implementation of honeypots by a renowned U.S. In this post, I'll share two fascinating hacking stories I've experienced: one involving a sophisticated scam that targeted a major U.S. think tank that went wrong.

Honeypots 118

Honeypots Security 118

Security Affairs

DECEMBER 27, 2021

Dr. Web set up one of its honeypots to analyze the impact of the Log4J vulnerabilities on systems exposed online and discovered an intense activity between December 17th-20th. “We record attacks using exploits for the vulnerabilities on one of our honeypots–a special server used by Doctor Web specialists as bait for fraudsters.

Libraries 145

Libraries Honeypots Security IT 145

Data Breach Today

FEBRUARY 3, 2023

So warns cyber insurer Coalition, based on analyzing in-the-wild attacks seen in 2022 via underwriting and claims data, scans of IP addresses and honeypots.

Insurance 130

Insurance Honeypots Cloud Access 130

Data Breach Today

APRIL 6, 2023

That's the message from British law enforcement agents, who say they're running multiple DDoS-for-hire sites as criminal honeypots.

Honeypots 130

Honeypots Access 130

WIRED Threat Level

AUGUST 9, 2023

Security researchers set up a remote machine and recorded every move cybercriminals made—including their login details.

Honeypots 92

Honeypots Security 92

Security Affairs

MAY 4, 2022

The attacks were monitored by cybersecurity firm CrowdStrike, who discovered that the Docker Engine honeypots deployed between February 27 and March 1 were compromised and used in the DDoS attacks. CrowdStrike Intelligence assesses these actors almost certainly compromised the honeypots to support pro-Ukrainian DDoS attacks.

Honeypots 135

Honeypots Military Mining Government 135

Threatpost

APRIL 16, 2020

A honeypot experiment shows just how quickly cybercriminals will move to compromise vulnerable cloud infrastructure.

Honeypots 102

Honeypots Cloud Security 102

Security Affairs

JUNE 8, 2020

Akamai security researcher Larry Cashdollar discovered the campaign after his honeypot was hit by the malware. “Examining the honeypot logs, I determined the attackers had installed the Alternate Lite WordPress theme on the system, and a new binary process was running as the www-user. ” wrote Larry Cashdollar.

Honeypots 134

Honeypots Passwords Cybersecurity IT 134

Threatpost

NOVEMBER 23, 2021

Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes.

Honeypots 108

Honeypots Cloud 108

Krebs on Security

AUGUST 22, 2023

. “Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots.” But in an interview with KrebsOnSecurity, Thinkst founder and CEO Haroon Meer said most deception techniques involve some degree of hubris. “Nobody really has time for that.

Honeypots 195

Honeypots Ransomware Access Cloud 195

Security Affairs

JUNE 9, 2024

Shadowserver researchers observed multiple IPs testing PHP/PHP-CGI CVE-2024-4577 (Argument Injection Vulnerability) against its honeypot sensors starting on June 7th. We see multiple IPs testing PHP/PHP-CGI CVE-2024-4577 (Argument Injection Vulnerability) against our honeypot sensors starting today, June 7th.

Honeypots 144

Honeypots IT Cybersecurity Risk 144

Outpost24

JANUARY 13, 2023

Cyber Threat Landscape Study 2023: Outpost24’s honeypot findings from over 42 million attacks. Florian Barre. Fri, 01/13/2023 - 02:53. Threat Intelligence. What are the most common cybersecurity threats facing your business?

Honeypots 52

Honeypots Cybersecurity Security 52

Security Affairs

SEPTEMBER 17, 2021

The researchers discovered the threat after a sample of the malware targeted one Akamai honeypot. The attackers dropped a PHP malware sample through a backdoor linked to a WordPress plugin called Download-monitor, which was installed after the honeypot was accessed. ” said Akamai researcher Larry Cashdollar.

Honeypots 120

Honeypots Mining Encryption Access 120

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. “In late October 2023, we noticed a small uptick in activity to our honeypots targeting a rarely used TCP port. ” reads the analysis published by Akamai.

Honeypots 141

Honeypots Authentication Security IT 141

Dark Reading

SEPTEMBER 14, 2022

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

Honeypots 97

Honeypots Cloud Security 97

Security Affairs

OCTOBER 6, 2024

Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Honeypots 125

Honeypots Security Mining Cybersecurity 125

Dark Reading

DECEMBER 19, 2018

While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn't put to rest.

Honeypots 79

Honeypots IoT Cybersecurity 79

Security Affairs

MAY 6, 2022

Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. Figure 7:honeypot log – crypto miner attack. Figure 8: aaa.sh

Honeypots 98

Honeypots Mining Cybersecurity Security 98

Security Affairs

OCTOBER 29, 2020

Security researchers from SANS Technology Institute set up a collection of honeypots set up allowed the researchers to catch a series of attacks shortly after the exploit code for CVE-2020-14882 was publicly available. Our honeypots (up to now) do not return the “correct” response, and we have not seen follow-up requests yet.”

Honeypots 108

Honeypots Security IT Information Security 108

Dark Reading

AUGUST 27, 2018

A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.

Honeypots 65

Honeypots Security 65

Security Affairs

SEPTEMBER 20, 2021

While the IP address of the database is still public, the database was taken offline and has been replaced with a honeypot. The expert discovered the unsecured database on August 22, 2021, and immediately notified the Thai authorities, he noticed that some of the data stored in the archive date back ten years.

Honeypots 145

Honeypots Archiving Personal data Cybersecurity 145

Security Affairs

DECEMBER 12, 2021

Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets.

Honeypots 145

Honeypots Libraries Passwords Authentication 145

WIRED Threat Level

AUGUST 9, 2023

The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house.

IoT 86

IoT Honeypots Manufacturing IT 86

Dark Reading

JULY 13, 2023

A cyber attacker gives defenders a taste of their own medicine, with GitHub honeypots concealing infostealers.

Honeypots 83

Honeypots 83

Security Affairs

MAY 25, 2019

The experts discovered the attacks because they hit one of the company’s honeypots that emulates MySQL listening on the default TCP port 3306. The GandCrab sample that targeted the honeypot was downloaded more than 500 times. However, the samples named 3306-2.exe, exe, 3306-3.exe, exe, and 3306-4.exe

Ransomware 111

Ransomware Honeypots Security Cybersecurity 111