Investigating Suspicious Hosting Infrastructure
Initial reconnaissance of infrastructure linked to suspicious automation services. DNS, ASN ownership, and hosting provider patterns were analyzed.
Read Investigation →Network analysis, infrastructure investigations, and cybersecurity tooling.
Initial reconnaissance of infrastructure linked to suspicious automation services. DNS, ASN ownership, and hosting provider patterns were analyzed.
Read Investigation →Deploying lightweight honeypots to collect attacker behavior and brute-force data.
Read Investigation →Analysis of abnormal traffic observed on a VPN node including packet rate, traffic vector identification, and mitigation steps.
Read Investigation →