Trends
- The top attacker country was the United States, with 2670 unique attackers (26.11%)
Top Attacker by Country
| Country | No. of Attackers | Occurrences |
|---|---|---|
| China | 2168 | 26.83% |
| United States | 2103 | 26.03% |
| Brazil | 520 | 6.44% |
| France | 424 | 5.25% |
| Korea | 351 | 4.34% |
| India | 350 | 4.33% |
| Australia | 294 | 3.64% |
| United Kingdom | 255 | 3.16% |
| Netherlands | 214 | 2.65% |
| Canada | 202 | 2.50% |
| Germany | 190 | 2.35% |
| Indonesia | 175 | 2.17% |
| Vietnam | 170 | 2.10% |
| Singapore | 154 | 1.91% |
| Taiwan | 146 | 1.81% |
| Italy | 144 | 1.78% |
| Hong Kong | 126 | 1.56% |
| Colombia | 94 | 1.16% |
Threat Geo-location
Top Attacking Hosts
| Host | Occurrences |
|---|---|
| 185.153.196.37 | 159 |
| 185.53.91.32 | 151 |
| 185.255.31.14 | 147 |
| 185.254.123.20 | 142 |
Top Network Attackers
| Origin AS | Announcement | Description |
|---|---|---|
| AS133752 | 43.249.36.0/23 | LeaseWeb Asia Pacific - Hong Kong |
| AS199264 | 185.53.91.0/24 | CLOUD STAR HOSTING SERVICES |
| AS36678 | 203.19.32.0/21 | CHINANET FUJIAN PROVINCE NETWORK |
| AS4134 | 115.224.0.0/12 | CHINANET Zhejiang province network |
Exploit Event Types and Top Event NIDS
Top Alarms
| Type of Alarm | No. of Occurrences |
|---|---|
| Trojan Infection - IDS Event | 554 |
| OTX Indicators of Compromise - PULSE | 344 |
| Database Attack - Stored Procedure Access - Attack | 15 |
| Attack Tool Detected - Attack | 9 |
| Attack Tool Detected - SSH | 5 |
| WebServer Attack - Attack | 3 |
| Bruteforce Authentication - SSH | 2 |
Vulnerabilities
| Vulnerability | Date |
|---|---|
| SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability | 2019-02-08 |
| Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilities | 2019-02-08 |
| Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities | |
| Cisco Meeting Server CVE-2019-1678 Denial of Service Vulnerability | 2019-02-08 |
| Linux Kernel CVE-2018-1087 Local Privilege Escalation Vulnerability | 2019-02-08 |
| Apache Subversion CVE-2018-11803 Denial of Service Vulnerability | 2019-02-08 |
| Schneider Electric Zelio Soft 2 CVE-2018-7817 Remote Code Execution Vulnerability | 2019-02-08 |
| Jenkins Multiple Input Validation Security Vulnerabilities | 2019-02-07 |
| Apple iOS CVE-2019-7287 Memory Corruption Vulnerability | 2019-02-07 |
| Apple iOS and macOS CVE-2019-7286 Memory Corruption Vulnerability | 2019-02-07 |