threat-intelligence-report

Trends


  • The top attacker country was China with 1169 unique attackers (24.69%)
  • The top Exploit event was Cross Site Scripting with 68% of occurrences



Top Attacker by Country


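| Country | Occurrences | Percentage |
|---|---|---|
| China | 1169 | 24.69% |
| United States | 1082 | 22.85% |
| Russian Federation | 313 | 6.61% |
| Brazil | 261 | 5.51% |
| Vietnam | 237 | 5.01% |
| France | 207 | 4.37% |
| India | 205 | 4.33% |
| Republic of Korea | 188 | 3.97% |
| United Kingdom | 133 | 2.81% |
| Taiwan | 132 | 2.79% |
| Canada | 128 | 2.70% |
| Egypt | 103 | 2.18% |
| Germany | 103 | 2.18% |
| Netherlands | 101 | 2.13% |
| Indonesia | 93 | 1.96% |
| Hong Kong | 84 | 1.77% |
| Greece | 68 | 1.44% |
| Italy | 65 | 1.37% |
| Australia | 63 | 1.33% |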


Top Cyber Attackers by Country June 10-16 2019



Threat Geo-location


Cyber Security Threat Geolocations June 10-16 2019



Top Attacking Hosts


| Host | Occurrences |
|---|---|
| 58.242.83.39 | 20 |
| 188.92.77.235 | 8 |
| 66.240.205.34 | 3 |




Top Network Attackers


| Origin AS | Announcement | Description |
|---|---|---|
| AS4837 | 58.242.0.0/15 | China Unicom AnHui province network |
| AS37560 | 197.231.220.0/22 | Cyberdyne S.A |
| AS10439 | 71.6.128.0/17 | CariNet, Inc |




Top Event NIDS and Exploits


Top Event NIDS and Exploits June 10-16 2019

Top Alarms



| Type of Alarm | Occurrences |
|---|---|
| Automated Actionable Intelligence IOC's | 157 |
| Trojan infection - IDS Event | 117 |
| Network Discovery - IDS Event | 24 |
| Bruteforce Authentication - SSH | 8 |
| WebServer Attack - XSS | 1 |


Comparison from last week

| Type of Alarm | Occurrences |
|---|---|
| Trojan Infection - IDS Event | 456 |
| Automated Actionable Intelligence IOC's | 131 |
| Bruteforce Authentication - SSH | 50 |
| Network Discovery - IDS Event | 27 |




CVE


This is a list of recent vulnerabilities for which exploits are available.

ID: CVE-2019-1040
Title: Microsoft Windows NTLM Tampering Vulnerability

ID: CVE-2019-12308
Title: Microsoft Windows Security Feature Bypass Vulnerability

ID: CVE-2019-0973
Title: Microsoft Windows Installer DLL Loading Local Privilege Escalation Vulnerability

ID: CVE-2019-12735 
Title: Vim and Neovim Arbitrary Code Execution Vulnerability

ID: CVE-2019-9501
Title: Broadcom WiFi Chipset Drivers Multiple Heap Buffer Overflow Vulnerabilities

ID: CVE-2019-9503
Title: Linux Kernel Security Bypass and Heap Buffer Overflow Vulnerabilities

ID: CVE-2019-0307
Title: SAP Solution Manager Remote Information Disclosure Vulnerability



Vulnerabilities


Apache HTTP Server CVE-2019-0220 Remote Security Vulnerability
securityfocus.com/bid/107670

Apache HTTP Server CVE-2019-0197 Denial of Service Vulnerability
securityfocus.com/bid/107665

Apache httpd CVE-2019-0196 Security Bypass Vulnerability
securityfocus.com/bid/107669

Microsoft Windows 'SetJobFileSecurityByName()' Function Local Privilege Escalation Vulnerability
securityfocus.com/bid/108423

Microsoft Windows CVE-2019-1064 Local Privilege Escalation Vulnerability
securityfocus.com/bid/108587

Microsoft Windows Shell CVE-2019-1053 Local Privilege Escalation Vulnerability
securityfocus.com/bid/108585

Microsoft Windows Installer CVE-2019-0973 DLL Loading Local Privilege Escalation Vulnerability
securityfocus.com/bid/108651

BD Alaris Gateway Workstation CVE-2019-10959 Arbitrary File Upload Vulnerability
securityfocus.com/bid/108765

Mozilla Thunderbird MFSA2019-17 Multiple Security Vulnerabilities
securityfocus.com/bid/108761

Multiple WAGO Industrial Managed Switches Security Bypass Vulnerability
securityfocus.com/bid/108759

Google Chrome CVE-2019-5842 Remote Security Vulnerability
securityfocus.com/bid/108758

Cisco IOS XE Software CVE-2019-1904 Cross Site Request Forgery Vulnerability
securityfocus.com/bid/108737

Microsoft Windows X.509 Certificate Denial of Service Vulnerability
securityfocus.com/bid/108694

Broadcom WiFi Chipset Drivers Multiple Heap Buffer Overflow Vulnerabilities
securityfocus.com/bid/108013

Linux Kernel Security Bypass and Heap Buffer Overflow Vulnerabilities
securityfocus.com/bid/108011

Google Android System Component Multiple Security Vulnerabilities
securityfocus.com/bid/108554

SAP Enterprise Financial Services CVE-2018-2484 Remote Authorization Bypass Vulnerability
securityfocus.com/bid/106477

SAP Solution Manager CVE-2019-0291 Local Information Disclosure Vulnerability
2019-06-11
securityfocus.com/bid/108313

SAP Business Client Unspecified Security Vulnerability
2019-06-11
securityfocus.com/bid/104436

Evernote Web Clipper for Chrome CVE-2019-12592 Cross Site Scripting Vulnerability
2019-06-11
securityfocus.com/bid/108762

Dbus CVE-2019-12749 Authentication Bypass Vulnerability
2019-06-11
securityfocus.com/bid/108751

Top Attacking Hosts June 10-16 2019