Icarus is a honeypot project that pretends to be a Microsoft Exchange and File Services server running various common services. My AbuseIPDB profile contains a summary of all IPs I’ve caught using Icarus. It’s not uncommon to see China, Russia, and even the USA attacking the honeypot here, though virtually every country appears on the list.
I decide to give CVE-2018-17246 a try using this exploit on GitHub. I follow their steps exactly: first creating a shell.js with my unprivileged user and using Burp Suite to craft my exploit by literally copying and pasting the rest. I find myself with another very limited shell but at least I’m the Kibana user now:
Recently we’ve had multiple attacking IP addresses using the same malware. It gets uploaded like all the others and yet is still regularly bypassing all antivirus after months. This doesn’t happen frequently so definitely warrants further investigation.
We last updated the ongoing antivirus battle in June. We also reset the counters last time to remove historical bias so it’s update time! Let’s see how we did!
We are ecstatic every year at the continual technological improvement. My predictions this year will follow ongoing trends instead of erring on the side of hope.