Bad Packets® Cyber Threat Intelligence
The cybersecurity landscape is constantly evolving as emerging threats continue to target enterprise networks, internet of things (IoT) devices, and cloud computing environments. Monitoring and identifying these threats is a critical task to mitigate the damage done by threat actors.
Our worldwide network of honeypots detect active botnets, including variants of Mirai malware, that are scanning the internet and engaging in malicious activity. We locate distributed denial-of-service (DDoS) botnet command-and-control (C2) servers and report them to the affected network providers, CERT teams, and law enforcement agencies. IoT devices infected with malware are frequently used for conducting DDoS attacks – making it an important task to locate and remediate compromised hosts quickly.
We provide curated threat intelligence data feeds for malicious activity targeting:
- Pulse Secure VPN (CVE-2019-11510) exploits
- Citrix (CVE-2019-19781) mass scanning
- F5 BIG-IP (CVE-2020-5902) targeted activity
IoT and consumer networking devices
Microsoft Windows servers
- BlueKeep (CVE-2019-0708) and other RDP attacks
- Microsoft Exchange
Distributed computing platforms
Content management systems
Bad Packets® Enterprise CTI dataset is tagged with the targeted device/service, vulnerability exploited, and includes CVE when applicable. Our API also provides the location of malware payloads (binaries) used by threat actors and is continuously updated with the latest indicators of compromise (IOCs) as new threats are detected. New unique Mirai-like (DDoS) botnet detections are added to mirai.badpackets.net hourly.
Research and Enterprise plans provide faster update intervals and include technical support under our standard subscription agreement. Please visit our pricing page to sign up for our cyber threat intelligence offerings. We also offer cybersecurity consulting services, please contact us for more information.