Bad Packets

@bad_packets

Tweets by Troy Mursch. We provide cyber on emerging threats, DDoS botnets, and network abuse. References:

Joined April 2017

Tweets

  1. Pinned Tweet
    Feb 27

    solarwinds123

  2. 18 hours ago

    Mass scanning activity detected from 107.181.187.239 (🇺🇸) targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext.

  3. Apr 29

    Top 10 Countries – April 29, 2021
    New unique DDoS malware hosts detected by country:
    🇨🇳 China: 322
    🇮🇳 India: 177
    🇻🇳 Vietnam: 107
    🇷🇺 Russia: 64
    🇹🇼 Taiwan: 56
    🇧🇷 Brazil: 56
    🇺🇸 United States: 42
    🇮🇷 Iran: 27
    🇹🇷 Turkey: 27
    🇪🇸 Spain: 27

  4. Apr 29

    Mass scanning activity detected from 45.155.205.165 (🇷🇺) targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext.

  5. Apr 26

    Mass scanning activity detected from 193.108.115.138 (🇳🇱) targeting Microsoft Exchange servers vulnerable to CVE-2021-26855.

  6. Apr 25

    Mass scanning activity detected from 45.141.87.5 (🇷🇺) targeting Microsoft Exchange servers vulnerable to CVE-2021-26855.

  7. Apr 25

    Top 10 Countries – April 24, 2021
    New unique DDoS malware hosts detected by country:
    🇨🇳 China: 367
    🇮🇳 India: 108
    🇷🇺 Russia: 53
    🇻🇳 Vietnam: 42
    🇧🇷 Brazil: 40
    🇺🇸 United States: 36
    🇹🇷 Turkey: 34
    🇪🇸 Spain: 25
    🇹🇼 Taiwan: 24
    🇬🇷 Greece: 23

  8. Apr 23

    If you're deploying your CVE-2021-22893 payload this weekend, feel free to test it against one of our honeypots first.

  9. Apr 21

    Pulse Secure

  10. Apr 20

    "An unspecified vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure may allow a remote, unauthenticated attacker to execute arbitrary code." CVE-2021-22893

  11. Retweeted
    Apr 20

    🚨 ACTIVITY ALERT 🚨 Review 's new Alert on active exploitation of Pulse Connect Secure vulnerabilities. This activity is targeting U.S. government agencies, critical infrastructure entities, & private sector organizations.

  12. Retweeted
  13. Apr 19

    Mass scanning activity detected from 109.94.164.11 (🇮🇷) targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext.

  14. Apr 17

    Activity is ongoing, last seen 2021-04-17T15:07:53Z.

  15. Apr 16

    Mass scanning activity detected from 185.191.32.158 (🇷🇺) targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext.

  16. Apr 16

    Mass scanning activity detected from 31.44.185.188 (🇷🇺) targeting F5 iControl REST endpoints vulnerable to unauthenticated remote command execution (CVE-2021-22986). Vendor advisory:

  17. Apr 15

    Mass scanning activity detected from 141.98.10.207 (🇱🇹) targeting Palo Alto GlobalProtect VPN servers.

  18. Apr 15

    Mass scanning activity detected from 168.63.249.142 (🇸🇬) targeting Fortinet VPN servers vulnerable to unauthenticated arbitrary file read (CVE-2018-13379) leading to disclosure of usernames and passwords in plaintext.

  19. Apr 14

    Top 10 Countries – April 13, 2021
    New unique DDoS malware hosts detected by country:
    🇨🇳 China: 342
    🇮🇳 India: 152
    🇪🇬 Egypt: 63
    🇬🇷 Greece: 53
    🇯🇵 Japan: 40
    🇻🇳 Vietnam: 39
    🇷🇺 Russia: 37
    🇺🇸 United States: 37
    🇪🇸 Spain: 32
    🇧🇷 Brazil: 27

  20. Apr 13

    Activity is ongoing, last seen 2021-04-13T20:02:42Z.

  21. Apr 13

    "This operation removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks."
