Cybersecurity

5833 readers

95 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials (blog.talosintelligence.com)

submitted 1 month ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

top 4 comments

sorted by: hot top controversial new old

[–] [email protected] 13 points 1 month ago (1 children)

For as long as I can remember, open SSH endpoints have been subject to password scan attacks from random corners of the internet. It’s just how life is.

[–] EisFrei 4 points 1 month ago

The moment I install ssh is the moment I install fail2ban.

[–] [email protected] 1 points 1 month ago

I was exited to read about the recent surge of brute force attempts I received from IPs my fail2ban has not previously seen, but this is just a generic piece from 6 months ago :(

[–] [email protected] 1 points 1 month ago

I found just white listing cidrs from your country the most effective way to reduce this log spam. I only use keys anyway so the attempts are pointless.