Data Breach Today

JUNE 8, 2021

FBI Developed Smartphone-Based Platform as Honeypot for Criminals Thousands of suspected criminals have been relying on the "Anom" encrypted communications platform to coordinate their efforts.

Encryption 215

Encryption Honeypots Communications 215

Schneier on Security

AUGUST 17, 2020

A group of researchers set up a telephony honeypot and tracked robocall behavior : NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said to have received 1,481,201 unsolicited calls -- even if they never made their phone numbers public via any source.

Honeypots 101

Honeypots Paper Metadata IT 101

Dark Reading

APRIL 22, 2020

When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.

Honeypots 88

Honeypots 88

Data Breach Today

MAY 6, 2022

Cybersecurity firm CrowdStrike's researchers say that through their Docker Engine honeypots, they observed two different Docker images targeting these assets. Unsuspecting Hosts Are Potential Targets for Retaliation Containers and cloud-based resources are being used to launch DoS attacks against Russian, Belarusian and Lithuanian websites.

Honeypots 236

Honeypots Cybersecurity Cloud 236

Data Breach Today

FEBRUARY 3, 2023

So warns cyber insurer Coalition, based on analyzing in-the-wild attacks seen in 2022 via underwriting and claims data, scans of IP addresses and honeypots.

Insurance 130

Insurance Honeypots Cloud Access 130

Data Breach Today

APRIL 6, 2023

That's the message from British law enforcement agents, who say they're running multiple DDoS-for-hire sites as criminal honeypots.

Honeypots 130

Honeypots Access 130

Data Breach Today

JUNE 12, 2020

Cybereason CISO Israel Barak Shares Latest Honeypot Findings Cybereason's latest honeypot-derived research reveals that threat actors are increasingly targeting critical infrastructure providers with multistage ransomware attacks. CISO Israel Barak details why these strikes are so prevalent and concerning.

Ransomware 148

Ransomware Honeypots 148

Krebs on Security

AUGUST 22, 2023

. “Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots.” But in an interview with KrebsOnSecurity, Thinkst founder and CEO Haroon Meer said most deception techniques involve some degree of hubris. “Nobody really has time for that.

Honeypots 179

Honeypots Ransomware Security Cloud 179

WIRED Threat Level

AUGUST 9, 2023

Security researchers set up a remote machine and recorded every move cybercriminals made—including their login details.

Honeypots 74

Honeypots Security 74

Dark Reading

JULY 13, 2023

A cyber attacker gives defenders a taste of their own medicine, with GitHub honeypots concealing infostealers.

Honeypots 86

Honeypots 86

WIRED Threat Level

AUGUST 9, 2023

The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house.

IoT 67

IoT Honeypots Manufacturing IT 67

Dark Reading

JULY 6, 2023

Six months of honeypot data finds that 19% of traffic to sensors were malicious exploit attempts, and 95% of those attempts came from just three botnets.

Honeypots 88

Honeypots 88

Krebs on Security

MARCH 28, 2021

The group looks for attacks on Exchange systems using a combination of active Internet scans and “honeypots” — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how. “We have been testing 367 known web shell paths via scanning of Exchange servers.”

Honeypots 346

Honeypots Encryption Mining Security 346

Dark Reading

SEPTEMBER 14, 2022

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

Honeypots 99

Honeypots Cloud Security 99

Schneier on Security

JULY 12, 2021

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.

Honeypots 141

Honeypots Encryption IT 141

Threatpost

NOVEMBER 23, 2021

Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes.

Honeypots 108

Honeypots Cloud 108

Security Affairs

DECEMBER 27, 2021

Dr. Web set up one of its honeypots to analyze the impact of the Log4J vulnerabilities on systems exposed online and discovered an intense activity between December 17th-20th. “We record attacks using exploits for the vulnerabilities on one of our honeypots–a special server used by Doctor Web specialists as bait for fraudsters.

Libraries 123

Libraries Honeypots Security Information Security 123

Security Affairs

MAY 4, 2022

The attacks were monitored by cybersecurity firm CrowdStrike, who discovered that the Docker Engine honeypots deployed between February 27 and March 1 were compromised and used in the DDoS attacks. CrowdStrike Intelligence assesses these actors almost certainly compromised the honeypots to support pro-Ukrainian DDoS attacks.

Honeypots 107

Honeypots Military Cybersecurity Security 107

Dark Reading

MAY 5, 2022

Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.

Honeypots 91

Honeypots Ransomware Cloud 91

Security Affairs

MAY 6, 2022

Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. Figure 7:honeypot log – crypto miner attack. Figure 8: aaa.sh

Honeypots 71

Honeypots Security Mining Cybersecurity 71

Security Affairs

NOVEMBER 19, 2020

To conduct this investigation, a CyberNews researcher infiltrated an IRC botnet that we captured in one of our honeypots. Our honeypot setup. In cybersecurity terms, a honeypot is a decoy service or system that poses as a target for malicious actors. Here’s how it all happened. About this investigation.

Honeypots 137

Honeypots IoT Security Communications 137

Dark Reading

OCTOBER 21, 2022

Half of a million passwords from the RockYou2021 list account for 99.997% of all credential attacks against a variety of honeypots, suggesting attackers are just taking the easy road.

Passwords 102

Passwords Honeypots 102

Security Affairs

FEBRUARY 18, 2019

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. In other words: HoneyPots. I run a personal HoneyPot network which stands from years and over time it harvested numerous IP addresses which could be, potentially, malicious (typically scanners).

Honeypots 84

Honeypots Computer and Electronics Cybersecurity Security 84

Security Affairs

FEBRUARY 23, 2023

We are seeing @Fortinet FortiNAC CVE-2022-39952 exploitation attempts from multiple IPs in our honeypot sensors. A PoC was published earlier today. Andrew Morris , the founder of CEO of GreyNoise Intelligence, also confirmed that his firm started observing broad exploitation of the FortiNAC CVE-2022-39952.

Honeypots 87

Honeypots File names Cybersecurity Security 87

Threatpost

APRIL 16, 2020

A honeypot experiment shows just how quickly cybercriminals will move to compromise vulnerable cloud infrastructure.

Honeypots 102

Honeypots Security Cloud 102

Security Affairs

JULY 10, 2020

Johannes Ullrich, the head of research at the SANS Technology Institute, confirmed that one of its honeypots set up to capture attacks attempting to exploit the recently disclosed flaw in the F5 Networks’ BIG-IP systems was targeted by hackers attempting to exploit two of the recent Citrix vulnerabilities.

Honeypots 109

Honeypots Authentication Security Access 109

Krebs on Security

MARCH 9, 2021

“There are researchers running honeypots to [attract] attacks from different groups, and those honeypots are getting shelled left and right,” she said. And given the number of adversaries currently attacking still-unpatched Exchange systems, there is almost no way this won’t end in disaster for at least some victims.

Ransomware 348

Ransomware Honeypots Security Military 348

Troy Hunt

APRIL 6, 2023

Off the back of the NCA's DDoS market honeypot , the BreachForums admin arrest and the takedown of RaidForums before that , if you're playing in this space you'd have to be looking over your shoulder by now. Interesting times in cyber(crime) space.

Honeypots 97

Honeypots Passwords Cloud Security 97

Security Affairs

SEPTEMBER 17, 2021

The researchers discovered the threat after a sample of the malware targeted one Akamai honeypot. The attackers dropped a PHP malware sample through a backdoor linked to a WordPress plugin called Download-monitor, which was installed after the honeypot was accessed. ” said Akamai researcher Larry Cashdollar.

Honeypots 84

Honeypots Mining Encryption Security 84

eSecurity Planet

FEBRUARY 23, 2022

For example, in addition to implementing SPA on a sheriff department’s evidence server, we can add a honeypot named “evidence server.”. The typical attack scan will miss the hidden server and lead to a focus on the honeypot. Speed of response is critical to deterring attackers and this combination provides early warning.

Honeypots 105

Honeypots Security Encryption Communications 105

Dark Reading

JANUARY 21, 2020

A fictitious industrial company with phony employees personas, website, and PLCs sitting on a simulated factory network fooled malicious hackers - and raised alarms for at least one white-hat researcher who stumbled upon it.

Honeypots 60

Honeypots Ransomware IT 60

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

Security 101

Security Data breaches Ransomware Honeypots 101

Dark Reading

AUGUST 27, 2018

A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.

Honeypots 68

Honeypots Security 68

Security Affairs

JUNE 8, 2020

Akamai security researcher Larry Cashdollar discovered the campaign after his honeypot was hit by the malware. “Examining the honeypot logs, I determined the attackers had installed the Alternate Lite WordPress theme on the system, and a new binary process was running as the www-user. ” wrote Larry Cashdollar.

Honeypots 94

Honeypots Passwords Cybersecurity Security 94

Security Affairs

SEPTEMBER 19, 2022

In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September.

Encryption 93

Encryption Honeypots Security Mining 93

Security Affairs

DECEMBER 12, 2021

Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets.

Honeypots 133

Honeypots Libraries Passwords Authentication 133

Dark Reading

DECEMBER 19, 2018

While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn't put to rest.

Honeypots 81

Honeypots IoT Cybersecurity 81