Information Security News
Im operating a mail server which handles email flows from multiple domains (20 domains). The server is under a massive IMAPS (%%port:993%%) scan for a few days. More details about the ongoing attack:
There is an OSSEC active-response with the repeated_offender">%%ip:220.127.116.11%%
Someone else has already detected the same kind of scan?
Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant