Security News

Trapster Community: Open-source, low-interaction honeypot
2024-12-16 04:30

Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a deceptive layer that...

Microsoft creates fake Azure tenants to pull phishers into honeypots
2024-10-19 14:32

Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them. [...]

Respotter: Open-source Responder honeypot
2024-09-06 04:30

Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its...

BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?
2024-05-29 07:11

The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity...

Uncovering attacker tactics through cloud honeypots
2023-06-26 03:00

Attackers typically find exposed "Secrets" - pieces of sensitive information that allow access to an enterprise cloud environment - in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent need for comprehensive cloud security, according to Orca Security. Orca's research was conducted between January and May 2023, beginning with the creation of "Honeypots" on nine different cloud environments that simulated misconfigured resources in the cloud to entice attackers.

RDP honeypot targeted 3.5 million times in brute-force attacks
2023-06-13 07:38

Hackers swarm to RDP. An experiment using high-interaction honeypots with an RDP connection accessible from the public web shows how relentless attackers are and that they operate within a daily schedule very much like working office hours. The attack count for the entire year reached 13 million login attempts.

Valve “honeypot” used to ban 40,000 Dota 2 players using cheat
2023-02-23 19:45

Game developer Valve has announced that it permanently banned more than 40,000 accounts for using cheating software to gain an unfair advantage over other players in the Dota 2 game. The cheat gave players access to internal client app information that is not visible during normal gameplay, thus obtaining a competitive advantage.

Honeypot-Factory: The Use of Deception in ICS/OT Environments
2023-02-13 09:59

CryPLH is a low-interactive and virtual Smart-Grid ICS honeypot simulating Siemens Simatic 300 PLC devices. With the development of cybersecurity technology, deception has been applied in various circumstances like the web, databases, mobile apps, and IoT. Deception technology has been embodied in some ICS honeypot applications in the OT field.

Lessons Learned from the Windows Remote Desktop Honeypot Report
2023-01-25 15:06

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?

Honeypot experiment reveals what hackers want from IoT devices
2021-12-22 21:46

A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices. IoT devices are a booming market that includes small internet-connected devices such as cameras, lights, doorbells, smart TVs, motion sensors, speakers, thermostats, and many more.