Red Piranha Threat Intelligence Report (27th August - 2nd Sep 2017)


Top 10 Attacker Countries

The following data states the extent of attacks that have originated from various countries.

The following data states the extent of attacks that have originated from various countries.

The following figure shows the extent of attacks that have originated from various countries.

Top 10 Attacker Host

The following data states the extent of attacks that have originated from specific host IP address.

The following data states the extent of attacks that have originated from specific host IP address.

The following figure shows the extent of attacks that have originated from specific host IP address.

Detailed Report on Suspicious Hosts:

Behavior: Scanning hosts

Activity: Continuously using different username password combination existing and non existing usernames.

We have found following different types of events:

SSHD authentication failed.
Multiple SSHD authentication failures.
Multiple failed logins in a small period of time.
SSH insecure connection attempt (scan).
Failed Password
Invalid User

Input userauth request invalid user

Type of attack: Bruteforce

Source IP Addresses:

218.87.109.152
58.218.198.171
5.101.40.10
103.31.80.190
181.176.181.150
213.159.63.112
77.72.82.183
113.195.145.79
93.174.93.10
Details
Date Published
September 04, 2017
Category
Threat Intelligence