Not quite butter, but margarine

Figure 1: Top 50 most commonly observed credentials; the “:” entry is an artifact of how I joined the columns and represents an empty value for the username and password
Figure 2: Unusual login to my honeypot
Figure 3: Butter logins to my honeypot
Figure 4: ASN information for ‘butter’ IP addresses
Figure 5: Passage from Guardicore’s blog post describing the initial stage of the ‘butter’ attack

--

--

--

Security engineer with a running problem.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Solving the Secret-Zero Problem: Secure Unsealing for HashiCorp Vault

DLL Injection Attack in Kerberos NPM package

{UPDATE} Babysitter Makeup Party Salon - Baby Girl Games Hack Free Resources Generator

Your Business is Losing Money by Not Securing Against SQL Injection

SQL Injection

TLS communication — Observing the internals of SSL/TLS workflow

How To Setup A VPN On Android

GODZ Will be Available on CoinTiger on 5 July.

THG Will be Available on CoinTiger on 7 July.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Emily Austin

Emily Austin

Security engineer with a running problem.

More from Medium

How do Red Team Exercises help CISO to Validate the Security Controls Effectively?

Linux Privilege Escalation Resources

How to provide cybersecurity solutions and services on a large scale

What Lapsus$ Tells Us About The State Of Cybersecurity