Free Threat Feeds

Shadowserver’s new daily reports as part of the VARIoT project

The following new daily reports are sent out to 201 National CSIRTs (from 135 countries, and covering 175 countries and territories) and 7000+ organizations worldwide in Shadowserver free daily feeds as part of the VARIoT project (as of November 2022):

New IoT scan types and reports

Accessible AMQP Report

Accessible CoAP Report

Open IPP Report

Open MQTT Report (includes MQTT/TLS)

Open DVR DHCP Discover

New Device Identification Report that utilizes device fingerprinting technology and fingerprints developed as part of VARIoT, for IoT and other device identification. As of November 2022, over 1350 fingerprints exist covering 206 vendors.

New Device Identification Report (includes also an IPv6 version)

Honeypot & Malware reports:

Malware URL report (newly added)

Honeypot DDoS Events Report

Honeypot DDoS Target Events Report

Honeypot HTTP Scanner report (enhanced with CVE, MITRE ATT&CK, CVSS, device/product and other attack meta-information)

Honeypot ICS Scanner report (maintained from https://sissden.eu):

New IPv6 scans and IPv6 reports:

Accessible HTTP

Accessible SMTP

Accessible SSH

Accessible SSL

Accessible Telnet

Device Identification

Open CWMP

Open IPP

Open MQTT

Open SNMP

SSL FREAK

SSL Poodle

Vulnerable HTTP

Vulnerable SMTP

The VARIoT (Vulnerability and Attack Repository for IoT) project with TENtec n. 28263632 is Co-financed by the Connecting Europe Facility of the European Union. The contents of this Web site are the sole responsibility of the VARIoT consortium and do not necessarily reflect the opinion of the European Union. Should you have any question, request or opinion, please contact us at info(@)variot(.)eu