Red Piranha Threat Intelligence Report - August 27 - September 2 2018

TRENDS

  • Bruteforce Authentication - SSH with 207 occurrences is the top alarm this week.   
  • China is on top of the list this with 25.9% of the attackers this week.  


TOP ATTACKER COUNTRIES

CountryNo. of AttackersPercentage
China133725.86%
United States106320.56%
Russian Federation3917.56%
Brazil2705.22%
France2414.66%
Vietnam2184.22%
Republic of Korea2164.18%
India1913.69%
Egypt1212.34%
United Kingdom1202.32%
Italy1192.30%
Netherlands1162.24%
Australia1122.17%
Taiwan1102.13%
Canada1062.05%
Indonesia1001.93%
Germany951.84%
Columbia841.62%
Thailand821.59%
Ukraine791.53%


Top Cyber Attackers by Country August 27 - September 2 2018


THREAT GEOLOCATION

Cyber Security Threat Geolocations August 27 - September 2 2018


TOP ATTACKING HOSTS

HostOccurrences
52.32.138.211224
5.244.86.19321
141.212.122.4810
89.248.167.1319
193.201.224.1588
61.177.172.608



TOP ALARMS

AlarmNo. of Occurrences
Bruteforce Authentication - SSH 207
Database Attack - Stored Procedures Access - Attack147
Attack Tool Detected147
WebServer Attack - Attack123
OTX Indicators of Compromise123


Comparison to the Previous Report 


AlarmNo. of Occurrences
Delivery & Attack - Bruteforce Authentication - SSH 170
Reconnaissance & Probing - Attack Tool detected - Attack113
Environmental Awareness - OTX Indicators of Compromise - PULSE90
Reconnaissance & Probing - Database Attack - Stored Procedure Access - Attack114
Delivery & Attack - WebServer Attack - Attack31



EXPLOIT EVENT TYPES

Exploit Events August 27 - September 2 2018



OPEN THREAT EXCHANGE

Pulses SubscribedIndicatorsLast UpdatedNumber of AlarmsNumber of Events
5,600865,5992018-09-03 00:28:555,02212,699




VULNERABILITY NEWS

Vuln: Apache Traffic Server CVE-2018-8005 Denial of Service Vulnerability
securityfocus.com/bid/105187

Vuln: Microsoft Windows LSASS Buffer Overrun Vulnerability
securityfocus.com/bid/10108


Top Attacker Hosts August 27 - September 2 2018
Details
Category
Threat Intelligence