Simo
@SimoKohonen
Followers
2K
Following
8K
Media
962
Statuses
4K
chief honeypot @defusedcyber
β π» π π‘ cyberspace
Joined February 2016
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
DEFUSED TF [βThreatFlixβ] is LIVE! π₯³π₯³ Pricing details: https://t.co/YN0ubeqgMT Subscribe: https://t.co/vJlRQ5KmoN Plans starting at $29 USD / month!
6
5
23
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
DEFUSED TF [βThreatFlixβ] is LIVE! π₯³π₯³ Pricing details: https://t.co/YN0ubeqgMT Subscribe: https://t.co/vJlRQ5KmoN Plans starting at $29 USD / month!
6
5
23
π―π―π―
New Free Stream on Defused TF ["ThreatFlix"] π― We have added Oracle E-Business into the free streams Sign up now to take advantage of free Oracle E-Business threat intelligence: https://t.co/GXFaqghsXI
1
0
6
> launch a product > immediately get hit by a ddos The internet is such a friendly place π
5
1
15
ππππππ
This platform @SimoKohonen has built @DefusedCyber is really cool. I've seen first hand how hard he's been working to bring this to you all. Countless hours of troubleshooting, and tons and tons of feedback to hone in on what would be the most useful and valuable. Couldn't be
0
0
8
Translating noise into signals one honeypot at a time π Checkout @DefusedCyber yβall, a great way to stay ahead of the game!
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
0
2
18
This is a steal - perfect price point for quick honeypot deployments. @DefusedCyber keeps these up to date and cutting edge. Buy this instead of a bag of coffee for a month and it'll pay dividends!
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
1
1
11
π₯°π₯°π₯°
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
2
1
23
Iβm totally biased here, but I really think CTI folks and threat researches will get a lot of value from this platform ππ€πͺ
Friends, we are live! π₯³ Defused TF, our first paid plan, now available π Super happy to finally get this out the door but so much more to come!
1
2
15
Seriously awesome stuff from @SimoKohonen!!! Why manage your own honeypots anymore?! ππ€πͺππ― Highly recommend checking this out if youβre in threat intel/security research.
0
2
15
Every launch needs an over-the-top hype vid Wear headphones for max experience Tomorrow 12pm EST - LFGgggg
4
1
19
β Exploitation of the unknown Fortinet exploit (FortiWeb path traversal / API exploit) continues from 89.169.55.168 π©πͺ (unbiaseddeer.ptr . network) 0/95 on VirusTotal - but IP has been observed exploiting an Oracle vulnerability and domain widely used in exploit activity
0
5
6
ππ
β Exploitation of the unknown Fortinet exploit (FortiWeb path traversal / API exploit) continues from 89.169.55.168 π©πͺ (unbiaseddeer.ptr . network) 0/95 on VirusTotal - but IP has been observed exploiting an Oracle vulnerability and domain widely used in exploit activity
0
0
18
you know its serious when the hacker is using leetspeak in their exploits
β Multiple IPs mass exploiting unknown Fortinet exploit (FortiWeb path traversal / API exploitation) The exploit aims at creating a user with the user-password combination Testpoint:AFT3$tH4ckmet0d4yaga!n π IPs involved in this exploit: 185.192.70.39 185.192.70.55
0
0
7
Some heightened activity on WSUS / CVE-2025-59287 during the last few days, put one of the payloads into a gist if someone is interested: https://t.co/ttzcTuh9V4
0
19
57
ππ
β οΈActor mass exploiting unknown Fortinet exploit (FortiWeb path traversal / API exploitation) from 107.152.41.19 πΊπΈ ( TZULO ) VirusTotal Detections 0/95 π’ After the exploit, the actor attempted to login using the newly created username-credential pair π
0
0
10
Interesting exploits hitting multiple Cisco ASA honeypots Notably in the payload: <svg/onload=alert('PTSwarm')> PTSwarm is the offensive arm of Positive Technologies, a Russian company that "..supports RU Intelligence in carrying out malicious cyber activities against the US"
1
5
12
always patch! π
Patching Motivation of the Day π Actor repeatedly hammering the CVE-2025-25257 exploit onto our Fortiweb honeypots with a DROP TABLE payload 213.209.143.41 just wants to watch the world burn! π₯
0
1
16