Trends
- The top attacker country was United States with 2203 unique attackers (30.98%)
- OTX Pulse was the Top Alarm of the week with 579 occurrences (93.2%)
- The exploit event type on top this week was Cross Site Scripting with 71% occurrences.
Top Attacker by Country
| Country | No. of Attackers | Occurrences |
|---|
| United States | 2924 | 27.30% |
| China | 2518 | 23.51% |
| Brazil | 545 | 5.09% |
| Russian Federation | 540 | 5.04% |
| France | 533 | 4.98% |
| Indonesia | 510 | 4.76% |
| United Kingdom | 408 | 3.81% |
| Germany | 367 | 3.43% |
| India | 357 | 3.33% |
| Korea | 311 | 2.90% |
| Canada | 270 | 2.52% |
| Netherlands | 263 | 2.46% |
| Italy | 190 | 1.77% |
| Australia | 189 | 1.76% |
| Singapore | 179 | 1.67% |
| Vietnam | 173 | 1.62% |
| Taiwan | 166 | 1.55% |
| Poland | 134 | 1.25% |
| Hong Kong | 133 | 1.24% |
Threat Geo-location
Top Attacking Hosts
| Host | Occurrences |
|---|
| 216.218.142.50 | 568 |
| 203.166.220.2 | 449 |
| 185.117.83.50 | 426 |
| 158.69.221.198 | 411 |
Top Alarms
| Alarm | No. of Occurrences |
| OTX Indicators of Compromise - PULSE | 579 |
| Bruteforce Authentication - SSH | 36 |
| WebServer Attack - XSS | 4 |
| Database Attack - Stored Procedure Access - Attack | 1 |
| Attack Tool Detected - Attack | 1 |
Comparison from Previous Report
| Alarm | No. of Occurrences |
|---|
| OTX Indicators of Compromise - PULSE | 275 |
| Bruteforce Authentication - SSH | 4 |
| Attack Tool Detected - Attack | 1 |
Top Network Attackers
| Origin AS | Announcement | Description |
|---|
| AS6939 | 216.218.128.0/17 | Hurricane Electric LLC |
| AS10143 | 115.70.31.0/24 | Exetel Broadband Users |
| AS63981 | 203.166.220.0/22 | 183 Electric Road, North Point, Hong Kong |
| AS203918 | 185.117.83.0/24 | Securax Ltd |
| AS16276 | 158.69.0.0/16 | OVH Hosting, Inc. |
Exploit Event Types and Top Event NIDS
