GreyNoise
LightNews LightNews
banner
greynoise.infosec.exchange.ap.brid.gy
GreyNoise
@greynoise.infosec.exchange.ap.brid.gy
60 followers 0 following 210 posts
GreyNoise analyzes Internet background noise. Use GreyNoise to remove pointless security alerts, find compromised devices, or identify emerging threats […]

[bridged from https://infosec.exchange/@greynoise on the fediverse by https://fed.brid.gy/ ]
Posts Replies Media Videos
greynoise.infosec.exchange.ap.brid.gy
This holiday season, run our IP Check at your family’s house, a free tool that answers a question we hear constantly: "How do I know if my home network has been compromised?"

https://www.greynoise.io/blog/your-ip-address-might-be-someone-elses-problem
November 25, 2025 at 8:46 PM
greynoise.infosec.exchange.ap.brid.gy
RE: https://infosec.exchange/@greynoise/115572883475637524

LIVE in 8! 🚨
greynoise.infosec.exchange.ap.brid.gy GreyNoise @greynoise.infosec.exchange.ap.brid.gy · 8d
Looking forward to seeing folks this Thursday at 12 ET for another GreyNoise University LIVE. Join Michael + @jordyn for a fun and informative demo + walkthrough of all things GreyNoise. ✨

Register today: https://www.greynoise.io/events/greynoise-university-live
November 20, 2025 at 4:54 PM
greynoise.infosec.exchange.ap.brid.gy
🚨 Palo Alto GlobalProtect scanning surged 40X in 24hrs...a 90-day high.
2.3M login attempts from concentrated infrastructure (AS200373/AS208885).
Block these IPs now: https://www.greynoise.io/blog/palo-alto-scanning-surges-90-day-high
Palo Alto Scanning Surges 40X in 24 Hours, Marking 90-Day High
GreyNoise has identified a significant escalation in malicious activity targeting Palo Alto Networks GlobalProtect portals. Beginning on 14 November 2025, activity rapidly intensified, culminating in a 40x surge within 24 hours, marking a new 90-day high.
www.greynoise.io
November 19, 2025 at 9:06 PM
greynoise.infosec.exchange.ap.brid.gy
Attackers move fast, so your blocklists should too. GreyNoise now lets you convert any query into a real-time blocklist that updates automatically as attacker infrastructure changes. Start using it today on the GreyNoise platform.

🔗 https://www.greynoise.io/blog/introducing-query-based-blocklists
Introducing Query-Based Blocklists: Fully Configurable, Real-Time Threat Blocking in the GreyNoise Platform
GreyNoise customers can turn any GreyNoise query in the platform directly into a real-time blocklist for their firewall, SOAR, or other enforcement points.
www.greynoise.io
November 19, 2025 at 5:31 PM
greynoise.infosec.exchange.ap.brid.gy
Looking forward to seeing folks this Thursday at 12 ET for another GreyNoise University LIVE. Join Michael + @jordyn for a fun and informative demo + walkthrough of all things GreyNoise. ✨

Register today: https://www.greynoise.io/events/greynoise-university-live
November 18, 2025 at 9:44 PM
greynoise.infosec.exchange.ap.brid.gy
EU sanctioned Stark Industries in May. Leaked docs gave them 12 days warning.

Result: ASN shuffle, rebrand to THE.Hosting. Corporate shells changed, network behavior didn't.

We tracked it: AS44477→AS209847. Packets don't lie.
🔗 https://www.greynoise.io/blog/stark-industries-shell-game
November 17, 2025 at 8:57 PM
greynoise.infosec.exchange.ap.brid.gy
Hey Canada, we're packed up + headed to #suricon25! 🇨🇦 Check out our booth and don't miss @ntkramer + @iagox86's talk ...and if you happen to run into them or @hrbrmstr around the con, they might have something special for you 🥧...
November 17, 2025 at 6:25 PM
greynoise.infosec.exchange.ap.brid.gy
🚨 GreyNoise for Microsoft Sentinel is here!
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #appassure

🔗 https://techcommunity.microsoft.com/blog/MicrosoftSentinelBlog/ignite-2025-new-microsoft-sentinel-connectors-announcement/4454613
November 13, 2025 at 4:04 PM
greynoise.infosec.exchange.ap.brid.gy
We’ve launched At The Edge, a weekly brief for GreyNoise customers highlighting shifts in attacker behavior seen across the Global Observation Grid (GOG).

Human-led analysis that turns internet noise into insight defenders can act on.

#threatintel #greynoise
November 6, 2025 at 3:02 PM
greynoise.infosec.exchange.ap.brid.gy
We deployed MCP honeypots to understand how threat actors engage with AI middleware exposed to the internet. What we observed was unexpected. Full analysis: https://www.greynoise.io/blog/deploying-mcp-honeypots

#greynoise #ai #aisecurity #mcp #mcpsecurity #cybersecurity #threatintel
What GreyNoise Learned from Deploying MCP Honeypots
GreyNoise deployed MCP honeypots to see what happens when AI middleware meets the open internet — revealing how attackers interact with this new layer of AI infrastructure.
www.greynoise.io
November 5, 2025 at 7:16 PM
Reposted by GreyNoise
hrbrmstr.mastodon.social.ap.brid.gy
The ace @greynoise comms team feed my PHP/cryptomining post from PDF purgatory and spiffied it up into a full-on GN blog post:

https://www.greynoise.io/blog/php-cryptomining-campaign
network graph blog banner img reads as Cybercriminals Ramp Up Cryptomining in Anticipation of Rising Bitcoin
November 4, 2025 at 5:00 PM
greynoise.infosec.exchange.ap.brid.gy
GreyNoise has observed a surge in PHP exploitation activity since late summer — now peaking as attackers deploy cryptominers at scale.
Full analysis → https://www.greynoise.io/blog/php-cryptomining-campaign
#greynoise #php #threatintel
PHP Cryptomining Campaign: October/November 2025
From Aug–Oct 2025, GreyNoise observed a surge in exploitation attempts against PHP and PHP-based frameworks as attackers deployed cryptominers—driven by rising Bitcoin prices and higher mining payoffs.
www.greynoise.io
November 4, 2025 at 4:37 PM
greynoise.infosec.exchange.ap.brid.gy
Headed to #falconeurope2025 this week? Come by booth 45 and chat with the team. On Wednesday, continue the conversation at our joint happy hour with Cribl + NetBuilder from 7-?? at Nobu Barcelona, sign up today! ⬇️ […]
Original post on infosec.exchange
infosec.exchange
November 3, 2025 at 6:42 PM
greynoise.infosec.exchange.ap.brid.gy
Happy Halloween from your fave GreyNerds 🍬🍫
October 31, 2025 at 9:23 PM
greynoise.infosec.exchange.ap.brid.gy
Happy Halloween from the GreyNoise ghouls + goblins! This month's NoiseLetter is packed to the brim with tricks + treats, catch up on all the haunts from this past month and be sure to check back in later for the results of our annual Candy Bracket 🎃 […]
Original post on infosec.exchange
infosec.exchange
October 31, 2025 at 4:34 PM
Reposted by GreyNoise
greynoise.infosec.exchange.ap.brid.gy
Tune in for a very spooky GreyNoise University LIVE, tomorrow October 30th @ 12 ET. Sign up today, if you dare! 🕸️
https://www.greynoise.io/events/greynoise-university-live
GreyNoise University LIVE
www.greynoise.io
October 29, 2025 at 3:57 PM
greynoise.infosec.exchange.ap.brid.gy
Tune in for a very spooky GreyNoise University LIVE, tomorrow October 30th @ 12 ET. Sign up today, if you dare! 🕸️
https://www.greynoise.io/events/greynoise-university-live
GreyNoise University LIVE
www.greynoise.io
October 29, 2025 at 3:57 PM
greynoise.infosec.exchange.ap.brid.gy
We are excited to sponsor #falconeurope2025 next week in Barcelona! If you're there come by booth 45, or want to meet up with the team, let us know! https://www.greynoise.io/events/fal-con-europe-2025
Fal.Con Europe 2025
www.greynoise.io
October 28, 2025 at 9:09 PM
greynoise.infosec.exchange.ap.brid.gy
Want an inside look at what happens when attackers pop our honeypots + AWS slides into our inbox? 📥 Check out Corey's latest blog: https://www.greynoise.io/blog/we-got-yelled-at-by-amazon-so-you-didnt-have-to
We Got Yelled At by Amazon So You Didn’t Have To
At GreyNoise, our sensors attract attackers so you don’t have to. We take the hits, learn from every attack, and share insights so you stay safe.
www.greynoise.io
October 24, 2025 at 4:51 PM
greynoise.infosec.exchange.ap.brid.gy
Threat Actors Rotating New IPs Daily to Attack Microsoft RDP
🔗Full analysis: https://www.greynoise.io/blog/threat-actors-deploying-new-ips-microsoft-rdp
#rdp #greynoise #threatintel
Threat Actors Deploying New IPs Daily to Attack Microsoft RDP
GreyNoise reports attackers using rotating IPs to exploit Microsoft RDP timing vulnerabilities, targeting RD Web Access and RDP login enumeration to evade detection.
www.greynoise.io
October 20, 2025 at 8:41 PM
greynoise.infosec.exchange.ap.brid.gy
GreyNoise's Threat Intelligence Map visualizes network events across the internet, scans, probes, attacks + connects them to geopolitical context. Real-time intelligence, that looks pretty cool too 😎
🗺️ https://threat-map.greynoise.io/
October 16, 2025 at 5:39 PM
greynoise.infosec.exchange.ap.brid.gy
Amid the security incident involving F5 BIG-IP announced today, GreyNoise is sharing recent insights into activity targeting BIG-IP to aid in defensive posturing. The anomalies reported in our blog may not necessarily relate to the 15 Oct incident. ⬇️ […]
Original post on infosec.exchange
infosec.exchange
October 15, 2025 at 11:35 PM
greynoise.infosec.exchange.ap.brid.gy
A global botnet has tripled in size in the past five days, so GreyNoise is sharing an executive situation report (SITREP) to streamline decision making.

Full SITREP: https://info.greynoise.io/hubfs/Situation-Reports/GreyNoise-SITREP-RDP-Attacks.pdf

Use […]

[Original post on infosec.exchange]
October 15, 2025 at 5:56 PM
greynoise.infosec.exchange.ap.brid.gy
Attacker infrastructure evolves in real time. Your defenses should too. Introducing GreyNoise Block, ensuring your blocklists update automatically. 🦾

https://www.greynoise.io/blog/introducing-greynoise-block
Introducing GreyNoise Block: Fully configurable, real-time blocklists
Discover why traditional blocklists fail and how GreyNoise Block offers real-time, configurable, low-noise IP blocking powered by primary-sourced intelligence.
www.greynoise.io
October 14, 2025 at 5:01 PM
greynoise.infosec.exchange.ap.brid.gy
Hey #criblcon25 👋 Looking forward to seeing you soon! 👻🤝🐐
October 13, 2025 at 9:17 PM