Red Piranha Threat Intelligence Report (27th August - 2nd Sep 2017)

Top 10 Attacker Countries

The following data states the extent of attacks that have originated from various countries.

The following data states the extent of attacks that have originated from various countries.

The following figure shows the extent of attacks that have originated from various countries.

Top 10 Attacker Host

The following data states the extent of attacks that have originated from specific host IP address.

The following data states the extent of attacks that have originated from specific host IP address.

The following figure shows the extent of attacks that have originated from specific host IP address.

Detailed Report on Suspicious Hosts:

Behavior: Scanning hosts

Activity: Continuously using different username password combination existing and non existing usernames.

We have found following different types of events:

SSHD authentication failed.

Multiple SSHD authentication failures.

Multiple failed logins in a small period of time.

SSH insecure connection attempt (scan).

Failed Password

Invalid User

Input userauth request invalid user

Type of attack: Bruteforce

Source IP Addresses:

218.87.109.152

58.218.198.171

5.101.40.10

103.31.80.190

181.176.181.150

213.159.63.112

77.72.82.183

113.195.145.79

93.174.93.10

Details
Date Published
September 04, 2017
Category
Threat Intelligence