Resources
>
NoiseLetter

NoiseLetter October 2025

October 31, 2025
Check it outRead the case studyListen to the podcastView the webinarWatch the video
Table of Contents
Loading nav...

October's NoiseLetter is packed with treats (and some seriously tricky threat intel). We're talking getting yelled at by Amazon, RDP attacks that just won't die, + all the places we are headed to next. But first...keep your eyes peeled for our infamous CANDY BRACKET dropping later today! May the best candy win. 🍫🍬

Bob Unfiltered

VP of Data Science + Research, Bob Rudis, creatively gives his thoughts, hot-takes, and whatever else he feels like.

Featured

Fully configurable, real-time blocklists to stop attackers in their tracks

Security teams already have access to blocklists; commercial feeds, community lists, vendor-curated sets of bad IPs — they’ve been around for decades. And yet, every practitioner has experienced the same frustrations: the lists are too noisy, too static, too opaque, too slow to update, or just not quite meeting the right criteria.

That’s why GreyNoise built Block, a blocklist approach designed to be highly configurable, grounded in primary-sourced intelligence, and updated in real-time as attacker behavior changes.

  Learn More >>

Product Announcements

Are you interested in time travel through network packets?

We’re looking for Active Development Partners who would like to engage in security research by applying Suricata Rules and network packet queries to the GreyNoise historical dataset. If you're interested, please email product@greynoise.io.

Where to find us

  • Fal.on EU (In-Person | Nov 4-6) We are headed to Barcelona for fal.con EU 2025, come by booth #45 for a chance to talk with the team + grab some swag.  Learn More >>
  • Fal.Con Dinner + Drinks (In-Person | Nov 5) If you're attending Fal.Con , join Cribl, NetBuilder, and GreyNoise to continue your evening with great conversation and a fireside chat with Shawn Smagh. Ex Director of the US Cyber National Mission Force - tales from the front line.  After diving deep into CrowdStrike and all their capabilities, kick back with a drink, great company, and some laid-back cybersecurity chatter. Learn More >>
  • SuriCon 2025 (In-Person | Nov 19-21) Join us and our amazing researchers as they speak at this year's SuriCon. Check us out at our booth for swag + great conversation! Learn More >>
  • GreyNoise University LIVE (Virtual | Nov 20) GreyNoise 101, now known as GreyNoise University LIVE is BACK! We are stoked to bring back this once-a-month webinar.  Learn More >>

Fresh Content

Recent Tags and Vulnerabilities

GreyNoise Labs released 503 tags during the month of October (YES this is a ANOTHER record 🤯):

Community

  • Request a New GreyNoise Tag - We've just published a new page to allow our amazing community to submit tag requests to the GreyNoise team. 
  • Try our Free Account - Quickly identify noisy scanners and trending attacks with our free plan.
  • Join our Community Slack and Discord- We share intel, give real time updates, and the occasional Dad joke. 

Meme of the Month

Past years brackets to get you ready! 

*Have a joke you want included in the next NoiseLetter? Submit Your Joke >>

Life @ GreyNoise

Not subscribed to our NoiseLetter? Subscribe here.

Read the transcript

Summary

October's NoiseLetter is packed with treats (and some seriously tricky threat intel). We're talking getting yelled at by Amazon, RDP attacks that just won't die, + all the places we are headed to next. But first...keep your eyes peeled for our infamous CANDY BRACKET dropping later today! May the best candy win. 🍫🍬

Bob Unfiltered

VP of Data Science + Research, Bob Rudis, creatively gives his thoughts, hot-takes, and whatever else he feels like.

Featured

Fully configurable, real-time blocklists to stop attackers in their tracks

Security teams already have access to blocklists; commercial feeds, community lists, vendor-curated sets of bad IPs — they’ve been around for decades. And yet, every practitioner has experienced the same frustrations: the lists are too noisy, too static, too opaque, too slow to update, or just not quite meeting the right criteria.

That’s why GreyNoise built Block, a blocklist approach designed to be highly configurable, grounded in primary-sourced intelligence, and updated in real-time as attacker behavior changes.

  Learn More >>

Product Announcements

Are you interested in time travel through network packets?

We’re looking for Active Development Partners who would like to engage in security research by applying Suricata Rules and network packet queries to the GreyNoise historical dataset. If you're interested, please email product@greynoise.io.

Where to find us

  • Fal.on EU (In-Person | Nov 4-6) We are headed to Barcelona for fal.con EU 2025, come by booth #45 for a chance to talk with the team + grab some swag.  Learn More >>
  • Fal.Con Dinner + Drinks (In-Person | Nov 5) If you're attending Fal.Con , join Cribl, NetBuilder, and GreyNoise to continue your evening with great conversation and a fireside chat with Shawn Smagh. Ex Director of the US Cyber National Mission Force - tales from the front line.  After diving deep into CrowdStrike and all their capabilities, kick back with a drink, great company, and some laid-back cybersecurity chatter. Learn More >>
  • SuriCon 2025 (In-Person | Nov 19-21) Join us and our amazing researchers as they speak at this year's SuriCon. Check us out at our booth for swag + great conversation! Learn More >>
  • GreyNoise University LIVE (Virtual | Nov 20) GreyNoise 101, now known as GreyNoise University LIVE is BACK! We are stoked to bring back this once-a-month webinar.  Learn More >>

Fresh Content

Recent Tags and Vulnerabilities

GreyNoise Labs released 503 tags during the month of October (YES this is a ANOTHER record 🤯):

Community

  • Request a New GreyNoise Tag - We've just published a new page to allow our amazing community to submit tag requests to the GreyNoise team. 
  • Try our Free Account - Quickly identify noisy scanners and trending attacks with our free plan.
  • Join our Community Slack and Discord- We share intel, give real time updates, and the occasional Dad joke. 

Meme of the Month

Past years brackets to get you ready! 

*Have a joke you want included in the next NoiseLetter? Submit Your Joke >>

Life @ GreyNoise

Not subscribed to our NoiseLetter? Subscribe here.

Products
Partners
Resources
Company
© 2025 GreyNoise, Inc. All rights reserved.
YouTube logoJoin us on Slack!Discord logoTikTok logo
Cookie Settings
We use cookies to ensure you get the best experience on our website. Learn more
Got it