GreyNoise

52% of RCE attempts came from IPs with no prior GreyNoise history. New research on where edge defenses fall short + what to do about it: greynoise.io/resources/2026… #ThreatIntel #Cybersecurity #GreyNoise

GreyNoise is proud to be sponsoring the @CrowdStrike CrowdTour across 8 cities! We’re excited to highlight how our integration with Falcon Next-Gen SIEM helps SOC teams stop chasing ghosts and start catching real threats. If you’re attending a tour stop or local to the area, let’s connect to chat about: - Validating your perimeter in real time. - Protecting the identity layer from brute-force scanners. - Filtering out background noise to focus on high-fidelity alerts. 👇Book a meeting with us here: info.greynoise.io/crowdtour-2026… #GreyNoise #CrowdStrike #CrowdTour #SOCEfficiency #InfoSec

Last week, half of all new scanning IPs observed by GreyNoise geolocated to Hong Kong. A quarter-million of them never completed a TCP handshake. The ones that did were scanning MySQL, SSH, SMB, and RDP across 20+ countries. One of these is the signal. The other is noise. 🔗greynoise.io/blog/ghost-fle…

Come by the @corelight_inc booth N-5683 at #RSAC to see a live GreyNoise demo. Starts at 1:00pm PT

NEW: GreyNoise At The Edge Intel Brief (Mar 16–23) 200,886,675 sessions. 101 unique source IPs. Here's what we found: 🔗greynoise.io/resources/at-t…

New GreyNoise At The Edge brief: The internet's scanning infrastructure is reorganizing. UCLOUD (HK) surged +578% to become the #1 scanning ASN, now 15.6% of all observed traffic. Western providers declining simultaneously. 301.8M sessions. 439K IPs. Here's what we found. 🔗 greynoise.io/resources/at-t…

Starting at the top of the hour! 🚨 Hope to see you there to break down all things State of the Edge with @Andrew___Morris , @hrbrmstr + Shawn! There's still time to register 👉 info.greynoise.io/webinar/state-…

TOMORROW! 🚨 Join us for a fast-paced dive into the 2026 GreyNoise State of the Edge Report...from rogue residential botnets to 26-year-old CVEs still getting hammered. Save your spot and see what’s actually hitting the edge. 🔗 info.greynoise.io/webinar/state-…

🚀 New GreyNoise + Google SecOps integrations are live. See which IPs scan everyone vs just you, now directly inside Google SecOps. 🧩 SIEM: Standardized ingestion, dashboards, YARA-L rules, and saved searches ⚡️ SOAR: v7.0 actions, webhooks, and playbooks to automate triage greynoise.io/blog/greynoise…

Hey London! We are closing down day 1 at #ecrimecongress today + cant wait to see you tomorrow! If you're around, say hi to the team, watch a demo, and grab some great swag! 🔥

Edge attacks are evolving faster than your playbook. Join @Andrew___Morris, @hrbrmstr + Shawn Smagh next Tuesday for a live breakdown of where edge targeting is concentrating, where defenses are failing, + what 162 days of internet-scale data says about your real exposure. info.greynoise.io/webinar/state-…

February was anything but quiet at GreyNoise, from our 2026 State of the Edge Report to new edge attack research, Ivanti + BeyondTrust deep dives, and a packed March of events, check it all out in this month's Noiseletter! 🚀 greynoise.io/resources/nois…

GreyNoise is now integrated across CrowdStrike Falcon. 🚀 Falcon users can bring GreyNoise IP classification into Next-Gen SIEM searches, Fusion SOAR playbooks, and Charlotte AI workflows to triage faster, cut background noise + prioritize real threats. greynoise.io/blog/greynoise…

Here's a taste of what GreyNoise customers got in this week's At The Edge intelligence brief. 268M sessions. 540K unique IPs. Four findings that matter. → Sophos CVE-2022-1040 surged 435% — second consecutive week → 9.1M RDP sessions from two IPs, one JA4T fingerprint → VPN siege Week 6 — vendors rotating after our published analysis → Scanning landscape collapsed. Enterprise campaigns didn't. Full brief: IOCs, attribution, recommendations. 🔗 greynoise.io/resources/at-t… greynoise.io/contact

Noise: analyzed. Security: certified. GreyNoise is now ISO 27001 certified 🔐 We spend our days tracking internet background noise and we hold ourselves to the same high security standards we expect from the ecosystem.

GreyNoise observed a coordinated campaign probing SonicWall firewalls to identify which devices have SSL VPN enabled — the prerequisite step before credential attacks. Four infrastructure clusters, a commercial proxy service rotating thousands of IPs, and near-zero exploitation. This is target mapping. 🔗greynoise.io/blog/active-re…

🕵 What started as a simple "Hey, I keep seeing this string. Any ideas?" message kicked off an investigation finding a cryptostealing and database wiping operation. Follow the string in the latest GreyNoise Labs post: labs.greynoise.io/grimoire/2026-…

Join us today at 12pm ET for February’s GreyNoise University LIVE session, where you’ll get an overview of what’s new at GreyNoise, plus a live demo of our tools and latest product releases. 🔗 greynoise.io/events/greynoi…

Aprendes OPSEC, Investigación e inteligencia y tienes acceso a @MaltegoHQ , @GreyNoiseIO , @ipinfo, @modat_magnify y no sé cuántas cosas más en el mismo bootcamp de @ParanoidS3c y @_BashBunny_ en @rootedcon Poca broma!!! 😱🤩

This week's At the Edge: CLEAR is out — a preview of the intel brief GreyNoise customers get every week. 🔗 greynoise.io/resources/at-t… That's just the preview. greynoise.io/contact #ThreatIntel #CyberSecurity #GreyNoise