TRENDS
- The number of unique attackers from China increased to 1156 compared to last week.
- Top Alarm was: Environmental Awareness - OTX Indicators of Compromise - PULSE with 1050 occurrences.
TOP ATTACKER COUNTRIES
| Country | No. of Attackers | Percentage |
|---|---|---|
| China | 1156 | 25.29% |
| United States | 1002 | 21.92% |
| Russian Federation | 341 | 7.46% |
| Brazil | 261 | 5.71% |
| India | 213 | 4.66% |
| France | 208 | 4.55% |
| Republic of Korea | 152 | 3.33% |
| United Kingdom | 141 | 3.08% |
| Germany | 126 | 2.76% |
| Ecuador | 119 | 2.60% |
| Vietnam | 117 | 2.56% |
| Australia | 116 | 2.54% |
| Netherlands | 96 | 2.10% |
| Italy | 93 | 2.03% |
| Indonesia | 86 | 1.88% |
| Singapore | 76 | 1.66% |
| Canada | 74 | 1.62% |
| Ukraine | 67 | 1.47% |
| Japan | 66 | 1.44% |
| Hong Kong | 61 | 1.33% |
THREAT GEOLOCATION
TOP ATTACKING HOSTS
TOP ATTACKING NETWORKS
| Origin AS | Announcement | Description |
|---|---|---|
| AS4134 | 115.224.0.0/12 | CHINANET Zhejiang Province Network |
| AS4837 | 221.194.0.0/16 | China Unicom Hebei Province Network |
| AS6936 | 184.104.0.0/15 | Hurricane Electric LLC |
| AS197068 | 185.94.108.0/22 | HLL LLC |
| AS42237 | 185.246.128.0/22 | ICME LIMITED |
TOP ALARMS
| Alarm | No. of Occurrences |
|---|---|
| Environmental Awareness - OTX Indicators of Compromise - PULSE | 1050 |
| Delivery & Attack - Bruteforce Authentication - SSH | 285 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix | 9 |
| AlienVault NIDS: "ET SCAN NMAP - sS window 1024" | 4 |
| Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection | 2 |
| Exploitation & Installation - WebServer Attack - XSS 1 | 1 |
Comparison to the Previous Report
| Alarm | No. of Occurrences |
|---|---|
| Environmental Awareness - OTX Indicators of Compromise - PULSE | 574 |
| Delivery & Attack - Bruteforce Authentication - SSH | 110 |
| AV-FREE-FEED Bruteforce Attack, SSH Authentication Attack Against DST_IP | 105 |
| AV-FREE-FEED Bruteforce Attack, Login Authentication Attack Against DST_IP | 87 |
| OTX Pulse: PULSE | 82 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix | 11 |
Details
Category