Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.3K
active users

ioc.exchange: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#infosec

772 posts361 participants12 posts today
Public
Graylog

Telemetry is the science of measuring something, transmitting the results to a remote location, and then interpreting the results. 📊 In #cybersecurity, it refers to the security data that your systems, networks, applications, and devices generate and it's often derived from log data.

Let's talk about:
❓ Why telemetry is important
🔢 The different types of security telemetry
🫤 Why security telemetry is challenging
⚙️ Using telemetry and managing data effectively

If you understand what telemetry is and how to use it for #security, IT and security teams can use the data that their environments generate to create proactive security programs. 💯

Learn more: graylog.org/post/telemetry-wha #infosec

Public
@𝚆𝚘𝚛𝙼𝙿𝟹:~$: :t_blink:

Very concerned by the surge in supply-chain attacks—incidents have nearly doubled recently, yet companies remain silent on how they’re tackling this. Even worse, most users have no idea these attacks are happening. Transparency and awareness are urgently needed to address this growing threat.

:quotesL:Malicious Backdoors Found in Python and npm Packages Targeting Windows and Linux:quotesR: via Oppapick

oppapick.com/backdoors-python-

Oppapick - Lifestyle, Tech, Gardening, everything else · Malicious Backdoors Found in Python and npm Packages Targeting Windows and Linux - OppapickIn a new wave of supply chain attacks, security researchers have uncovered multiple backdoored open-source packages uploaded to PyPI (Python Package Index) and npm (Node Package Manager). These packages are designed to target both Windows and Linux environments and have been carefully crafted to blend in with legitimate development tools. The discovery comes just as
#Tech#TechNews#Linux
Public
Phillip Wylie

Syntax976: From Curiosity to Cybersecurity #cybersecurity #infosec #innovation #personalbranding podcasters.spotify.com/pod/sho

Spotify for CreatorsSyntax976: From Curiosity to Cybersecurity by Phillip Wylie ShowSummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie engages in a conversation with Syntax, a prominent figure in the hacker community. They discuss their connection through social media, the vibrant hacker culture, and Syntax's personal journey into hacking, which began at a young age. The conversation explores the evolution of the hacker community, emphasizing inclusivity and diversity, and offers valuable advice for aspiring cybersecurity professionals. Syntax shares insights on the importance of curiosity and networking within the community, making this episode a rich resource for anyone interested in cybersecurity.Takeaways• Syntax's journey into hacking began at age 10.• The hacker community values knowledge over appearance.• Inclusivity in cybersecurity has improved over the years.• Conferences like DEF CON foster a sense of family.• Curiosity is essential for success in cybersecurity.• Networking is crucial for professional growth.• The hacker culture is built on sharing and collaboration.• Diversity in the community enhances innovation.• Engaging with others at conferences can lead to opportunities.• Continuous learning is vital in the tech field.Sound Bites• "I was super shy and quiet."• "Teach yourself to be curious."• "Talk to everyone."Chapters00:00 Introduction and Connection03:24 Syntax's Hacker Origin Story11:13 The Evolution of the Hacker Community18:00 Diversity and Inclusion in Cybersecurity25:24 Advice for Aspiring Cybersecurity Professionals30:23 Closing Thoughts and Conference RecommendationsResourceshttps://x.com/syntax976https://www.linkedin.com/in/brandon-prince-27a0ab51/
Public
@𝚆𝚘𝚛𝙼𝙿𝟹:~$: :t_blink:

I don’t trust Meta with my everyday data, so I definitely wouldn’t trust them with anything sensitive or confidential. Their business thrives on collecting and profiting from personal information. People should be extremely cautious about using tools from a company built on exploiting privacy.

:quotesL:Meta open-sources AI tool to automatically classify sensitive documents:quotesR: | via Help-Net Security.

helpnetsecurity.com/2025/06/05

Help Net Security · Meta open-sources AI tool to automatically classify sensitive documents - Help Net SecurityMeta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to
#Meta#InfoSec#opsec
Public
RDP Snitch

2025-06-17 RDP #Honeypot IOCs - 32238 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
24.173.30.170 - 12180
167.172.131.118 - 11346
172.236.141.242 - 8322

Top ASNs:
AS11427 - 12180
AS14061 - 11364
AS63949 - 8322

Top Accounts:
hello - 32109
Test - 24
Administr - 21

Top ISPs:
Charter Communications Inc - 12180
DigitalOcean, LLC - 11349
Akamai Technologies, Inc. - 8322

Top Clients:
Unknown - 32238

Top Software:
Unknown - 32238

Top Keyboards:
Unknown - 32238

Top IP Classification:
hosting - 19743
Unknown - 12495

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/xhAYwvfK

Pastebin2025-06-17_stats.json - Pastebin.comPastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
#CyberSec#SOC#Blueteam
Public
RDP Snitch

2025-06-17 RDP #Honeypot IOCs - 21492 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
24.173.30.170 - 8120
167.172.131.118 - 7564
172.236.141.242 - 5548

Top ASNs:
AS11427 - 8120
AS14061 - 7576
AS63949 - 5548

Top Accounts:
hello - 21406
Test - 16
Administr - 14

Top ISPs:
Charter Communications Inc - 8120
DigitalOcean, LLC - 7566
Akamai Technologies, Inc. - 5548

Top Clients:
Unknown - 21492

Top Software:
Unknown - 21492

Top Keyboards:
Unknown - 21492

Top IP Classification:
hosting - 13162
Unknown - 8330

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/PzBuqVzn

Pastebin2025-06-17_stats.json - Pastebin.comPastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
#CyberSec#SOC#Blueteam
Public
RDP Snitch

2025-06-17 RDP #Honeypot IOCs - 10746 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
24.173.30.170 - 4060
167.172.131.118 - 3782
172.236.141.242 - 2774

Top ASNs:
AS11427 - 4060
AS14061 - 3788
AS63949 - 2774

Top Accounts:
hello - 10703
Test - 8
Administr - 7

Top ISPs:
Charter Communications Inc - 4060
DigitalOcean, LLC - 3783
Akamai Technologies, Inc. - 2774

Top Clients:
Unknown - 10746

Top Software:
Unknown - 10746

Top Keyboards:
Unknown - 10746

Top IP Classification:
hosting - 6581
Unknown - 4165

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/GrTmjdr8

Pastebin2025-06-17_stats.json - Pastebin.comPastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
#CyberSec#SOC#Blueteam
Replied in thread
Public *
Kevin Karhan :verified:

@Cappyjax IDGAF about "passion". All I care about is the security of users!

Requiring any #PII like a #PhoneNumber is inacceptable when it comes to #ComSec, #InfoSec & #OpSec, espechally given @signalapp is not only able but entirely willing to restrict service based off said numbers, making their "solution" insecure by design.

  • There's a reason why #XMPP+#OMEMO and #PGP/MIME [both each over @torproject / #Tor] is the evidently superior and more secure approach, as being unable to "#KYC" a user is a matter of security...

Espechally since obtaining a phone number anonymously is oftentimes illegal (i.e. #Germany made it illegal starting 07/2017, so using any service that demands a phone numner is out of question)

  • And even if one can get an anonymous #SIM (with a phone number) or god forbid #eSIM, (which is at best pseudonymous as tracking down users by virtue of matching ICCID, IMEI & IMSI to location and time) the chances are high that one ends up with recycled phone numbers that have already been used.

Obviously the devs of #Signal and @Mer__edith are well aware of this critical flaw, which is why I consider them to act as "useful idiots" or rather "controlled opposition" as #Signal could've been shutdown trivially by the #US Government or forced into banning users based off their #PhoneNumbers (they may call this "#sanctions #compliance" given they added a #Shitcoin - Wallet into Signal!)...

  • All the "but #Metadata" #FUD turns into #MarketingLies once put under the looking glass and examined against the risk of state-sponsored / -endordsed / -supported attackers.

Whereas with @monocles / #monoclesChat, @gajim / #gajim and @delta / #deltaChat and @thunderbird / #Thunderbird respectably I can not only use Tor, but do #SelfHosting for the entire #communications infrastructure (i.e. using an #OnionService = only reachable via Tor) and get the advantages of a self-routing, self-authenticating & battle-hardened against censorship proxy network that can't be shutdown!

ilga.org/wp-content/uploads/20
infosec.space/@kkarhan/1146976

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)@renardboy@mastodon.social @derekmorr@mastodon.social depends... Did you have to remotely onboard someone onto a secure communication stack whilst they are on the run from the authorities *and* blood relatives due to *"living while trans"* with a *literal "dead or alive" bounty on their head* whilst stuck in a besieged city that's being shelled? - Cuz I did... @signalapp@mastodon.world is evidently a solution appealing to #TechIlliterates with *dangerous 'semi-knowledge'* who are willing to accept a *"#TrustMeBro!"* by @Mer__edith@mastodon.world and #MoxieMarlinspike before her. - Using #Signal would've gotten said person tracked down and killed by the de-facto aithorities for merely having their phone # linked to that shite!
Public
OTX Bot

Distribution of Malware Disguised as Research Papers

Pulse ID: 6851e9acc44f1dcee2bb8dd0
Pulse Link: otx.alienvault.com/pulse/6851e
Pulse Author: cryptocti
Created: 2025-06-17 22:18:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#CyberSecurity#InfoSec#Malware
Public
OTX Bot

New Variant of Chaos RAT Attacks Windows and Linux Systems

Pulse ID: 6851e7ecfe3ea14f93c67388
Pulse Link: otx.alienvault.com/pulse/6851e
Pulse Author: cryptocti
Created: 2025-06-17 22:10:52

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#CyberSecurity#InfoSec#Linux
Public
Open Security Conference

Wait, what do you mean by "the Open Security Conference is an open space conference"? 🤔 This format might not be familiar with everyone, so we have you covered!

Check out opensecurityconference.org/ope to learn more. 💡

And in case you need buy-in from your employer, here's some additional inspiration. 😉 opensecurityconference.org/faq

P.S.: We'll open the registration soon, and this year's keynote speaker announcements will follow.

#osco #osco25 #CyberSecurity #Security #InfoSec #AppSec #ProductSecurity #OTsecurity #OpenSpace [lisi]

Open Security ConferenceOpen SpaceBy osco Team
ExploreLive feeds
About