Red Piranha Threat Intelligence Report - Dec. 10 to Dec. 16 2017

Top Attacker by Country


[Figure: top attackers by country]



Top Attacker by Host


[Figure: top attackers by host]



Detailed Report on Suspicious Hosts


Behaviour: Scanning Hosts

Activity: Continuously trying different username and password combinations against existing and non-existing usernames

Different Types of Events Found:
SSHD authentication failed
Multiple SSHD authentication failure
Multiple failed logins in a small period of time
SSH insecure connection attempt (scan)
Failed Password
Invalid User
Input UserAuth request invalid user

Type of Attack: Brute force



Source IP Addresses


5.101.40.10103.207.37.198199.195.248.31
202.70.67.66212.152.179.1232.239.208.154
120.205.199.21874.82.47.5181.196.17.206



Alarms Reports


[Figure: alarms]




AV/IPS Rules


NGAY CAMPAIGN RIG EK PUSHES QUANT LOADER & MONERO CPU MINER

Details
Date Published: December 18, 2017