背景介绍 2022年3月31号,Spring针对Spring4Shell漏洞(CVE-2022-22965)事件发布了安全公告[1],并提供了漏洞修复程序,此次漏洞事件在安全社区引起广泛关注。 360网络安全研究院高级威胁狩猎蜜罐系统[2]通过被动监测方式看到了该漏洞在野传播过程,我们也看到了Mirai僵尸网络入场,相关在野漏洞攻击威胁情报已通过自动化形式输出。 Spring4Shell 在野传播 360网络安全研究院高级威胁...| 360 Netlab Blog - Network Security Research Lab at 360
Protect your Sitecore Forms from spam with simple honeypot fields. Easy to add, invisible to users, and effective against bots.| Perficient Blogs
Discover ViciousTrap, a newly identified threat who turning edge devices into honeypots en masse targeting| Sekoia.io Blog
On June 5, 2024, SolarWinds released an advisory regarding a path-traversal vulnerability in their “secure” file-transfer product, Serv-U. I wrote about it here back in mid-June when it was fairly recently released. So here we are, three months later - you might be wondering why we’re still talking about this! When the vulnerability was new, I put a lot of work into crafting a very realistic honeypot that not only looks like the product, it also fakes out the filesystem to make it actua...| GreyNoise Labs
Ist ja schön, dass wir im ersten Artikel "Modern Honeypot Network – Teil 1: Kommandozentrale auf DigitalOcean" eine Kommandozentrale eingerichtet haben, um unsere Honeypots zu kontrollieren. Aber wie bekommen wir es nun hin, dass hier auch wirklich Daten ankommen? Wir müssen dazu unseren ersten Honeypot einrichten bzw. unseren ersten "Sensor" installieren. Ich habe mich dafür […]| Tizian Kohler
Letztens kam mir die Idee einen Honeypot aufzusetzen, um Daten über das Vorgehen von Hackern zu sammeln. Also habe ich mich damit beschäftigt und mir mit Modern Honeypot Network (MHN) ein passendes Framework gesucht. Da ich keinen lokalen Honeypot aufsetzen wollte, habe ich eine cloudbasierte Variante mit DigitalOcean realisiert. In diesem Beitrag beschreibe ich kurz […]| Tizian Kohler
Where we track a SolarWinds Serv-U vulnerability with a new honeypot, including tricking a human attacker into making mistakes| GreyNoise Labs
Update 2019.12.04: Recently we have received quite a few requests of comment about this blog. We feel it necessary to list following facts here: 1. Kenneth Crurrin Schuchman, with nicknames "Nexus" or "Nexus-Zeta", a 21 years old young man, has pleaded guilty on 2019.09.03 to the| 360 Netlab Blog - Network Security Research Lab at 360
First of all, I want to apologize for not getting around to writing part 2 of my previous post yet. I have more free time now and have started research for that post, but haven’t had a chance…| my 20%
In this post, you will learn how to set up Honeypot WiFi Enterprise WiFi Network and get the username and password of the client.| tbhaxor's Blog
In this post, you will learn how to set up a honeypot network so that WiFi clients compatible with enterprise networks can connect to an EAP-TTLS/PAP encrypted network and harvest login credentials in clear text.| tbhaxor's Blog
