#honeytoken — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #honeytoken, aggregated by home.social.
-
Did someone already set up a honeypot with valid
.envcredentials and honeytokens?I'm really curious about a specific IP (78[.]153[.]140[.]171) which is hammering a shitload of virtual hosts with different
.envpaths.I'd love to understand where these credentials are actually being used later on.
-
We have added deceptive decoys to a Capture The Flag challenge and monitored players.
Did that work? YES 🙂
More details here: https://blogs.sap.com/2023/11/15/disinformation-for-the-greater-good/
-
Do you use honeytoken accounts or devices in your organization?
#Honeytoken #accounts are accounts that serve as bait for a threat actor. From an organization's perspective, these are standard accounts, usually equivalent to a regular employee's account. The only difference is that no one uses these accounts.
Honeytoken accounts can also be configured in Microsoft Defender for Identity (#MDI). Any activity on such an account is then immediately reported as an incident in Microsoft 365 Defender. In addition to user accounts, it is also possible to add honeytoken devices with a similar principle.