Jérôme Meyer
@jmeyer.infosec.exchange.ap.brid.gy
Security research at Nokia Deepfield (he/they).
EN/FR posts | Fan of Crocker’s Rules, art, and the Oxford comma.
[bridged from https://infosec.exchange/@jmeyer on the fediverse by https://fed.brid.gy/ ]
EN/FR posts | Fan of Crocker’s Rules, art, and the Oxford comma.
[bridged from https://infosec.exchange/@jmeyer on the fediverse by https://fed.brid.gy/ ]
@hrbrmstr Brazil is pretty wild. Tons of Mikrotik, even more pirated TV boxes, and extortion-driven DDoS (including by security providers).
November 28, 2025 at 6:48 AM
@hrbrmstr Brazil is pretty wild. Tons of Mikrotik, even more pirated TV boxes, and extortion-driven DDoS (including by security providers).
@hrbrmstr doesn’t seem likely — sadly, all residential buildings.
https://www.scmp.com/news/hong-kong/society/article/3334292/44-dead-279-missing-hong-kong-fire-3-arrested-investigation-launched
https://www.scmp.com/news/hong-kong/society/article/3334292/44-dead-279-missing-hong-kong-fire-3-arrested-investigation-launched
44 dead, 279 missing in Hong Kong’s worst fire; Jack Ma, others make donations
Three people arrested for manslaughter as police search premises of housing estate’s building maintenance firm in San Po Kong, seizing documents.
www.scmp.com
November 27, 2025 at 5:26 AM
@hrbrmstr doesn’t seem likely — sadly, all residential buildings.
https://www.scmp.com/news/hong-kong/society/article/3334292/44-dead-279-missing-hong-kong-fire-3-arrested-investigation-launched
https://www.scmp.com/news/hong-kong/society/article/3334292/44-dead-279-missing-hong-kong-fire-3-arrested-investigation-launched
@hrbrmstr The source port spread is pretty cool to look at too — very different distribution for CGNAT compared to typical single-subscriber use.
November 18, 2025 at 1:23 PM
@hrbrmstr The source port spread is pretty cool to look at too — very different distribution for CGNAT compared to typical single-subscriber use.
@hrbrmstr Note that with CGNAT the same public IP is shared across several (I want to say 50-100 but don’t quote me on this) subscribers. It can be tricky to detect, unlike VPN exit nodes (and it’s been a pain for us too).
October 26, 2025 at 2:12 AM
@hrbrmstr Note that with CGNAT the same public IP is shared across several (I want to say 50-100 but don’t quote me on this) subscribers. It can be tricky to detect, unlike VPN exit nodes (and it’s been a pain for us too).
@hrbrmstr I checked these against our own tags: about 103k of them are related to a major residential proxy wholesaler, and about half of that (that we know of) are related to Badbox 2.
In most cases, these IP addresses are from folks who bought an Android-based TV box from some random seller […]
In most cases, these IP addresses are from folks who bought an Android-based TV box from some random seller […]
Original post on infosec.exchange
infosec.exchange
October 11, 2025 at 5:53 AM
@hrbrmstr I checked these against our own tags: about 103k of them are related to a major residential proxy wholesaler, and about half of that (that we know of) are related to Badbox 2.
In most cases, these IP addresses are from folks who bought an Android-based TV box from some random seller […]
In most cases, these IP addresses are from folks who bought an Android-based TV box from some random seller […]
@GossiTheDog Indeed, no perfect solution, especially when you see this: https://x.com/grok/status/1913956990545702970
May 13, 2025 at 4:48 AM
@GossiTheDog Indeed, no perfect solution, especially when you see this: https://x.com/grok/status/1913956990545702970
@bongoknight Will be there (first time for me!)
April 29, 2025 at 5:54 AM
@bongoknight Will be there (first time for me!)
(Corollary: what a sunset yesterday.)
March 19, 2025 at 10:33 PM
(Corollary: what a sunset yesterday.)