threat-intelligence-report

Trends


  • The top attacker country was the United States with 1101 unique attackers (26.96%)
  • The top Exploit event was SQL injection with 80% of occurrences



Top Attacker by Country


Country              Occurrences  Percentage
United States        1101         26.96%
China                1004         24.58%
Brazil               216          5.29%
France               202          4.95%
Russian Federation   202          4.95%
Republic of Korea    174          4.26%
India                163          3.99%
United Kingdom       145          3.55%
Vietnam              119          2.91%
Canada               105          2.57%
Germany              105          2.57%
Netherlands          104          2.55%
Taiwan               92           2.25%
Australia            76           1.86%
Greece               66           1.62%
Italy                57           1.40%
Indonesia            56           1.37%
Singapore            51           1.25%
Spain                46           1.13%


Top Cyber Attackers by Country May 13-19 2019



Threat Geo-location


Cyber Security Threat Geolocations May 13-19 2019



Top Attacking Hosts


Host              Occurrences
58.242.83.39      18
197.231.221.211   16
71.6.202.198      11




Top Network Attackers


Origin AS   Announcement       Description
AS4837      58.242.0.0/15      China Unicom AnHui province network
AS37560     197.231.220.0/22   Cyberdyne S.A
AS10439     71.6.128.0/17      CariNet, Inc




Top Event NIDS and Exploits


Top Event NIDS and Exploits May 13-19 2019



Top Alarms


Type of Alarm                             Occurrences
Attack Tool detected - Attack             290
OTX Indicators of Compromise - PULSE      134
Bruteforce Authentication - SSH           2

                 
Comparison from last week

Type of Alarm                                          Occurrences
OTX Indicators of Compromise - PULSE                   119
Database Attack - Stored Procedure Access - Attack     89
WebServer Attack - Attack                              45
Bruteforce Authentication - SSH                        28
Trojan Injection - IDS Event                           4




CVE


This is a list of recent vulnerabilities for which exploits are available.

ID: CVE-2019-1862
Title: Cisco IOS XE Software Web UI Command Injection Vulnerability
Vendor: Cisco

ID: CVE-2019-1649
Title: Cisco Secure Boot Hardware Tampering Vulnerability
Vendor: Cisco

ID: CVE-2019-5018 
Title: SQLite Use After Free Remote Code Execution Vulnerability

ID: CVE-2019-5021 
Title: Alpine Linux Docker Image Hard Coded Credentials Authentication Bypass Vulnerability
Vendor: Alpine Linux

ID: CVE-2019-3400
Title: Atlassian JIRA Cross Site Scripting Vulnerability
Vendor: Atlassian

ID: CVE-2019-2725
Title: Oracle WebLogic Server Deserialization Remote Command Execution Vulnerability
Vendor: Oracle

ID: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Title: Intel Processor MDS Vulnerabilities
Vendor: Intel



Vulnerabilities


Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability
2019-05-16
securityfocus.com/bid/108359

Symantec Messaging Gateway CVE-2019-9699 Information Disclosure Vulnerability
2019-05-16
securityfocus.com/bid/108303

Dnsmasq VU#973527 Multiple Security Vulnerabilities
2019-05-15
securityfocus.com/bid/101085

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2019-05-15
securityfocus.com/bid/102112

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2019-05-15
securityfocus.com/bid/102039

Drupal Novalnet Payment Module - Ubercart Module SQL Injection Vulnerability
2019-05-15
securityfocus.com/bid/75039

Multiple Cisco Products CVE-2019-1818 Directory Traversal Vulnerability
2019-05-15
securityfocus.com/bid/108352

Multiple Cisco Products CVE-2019-1819 Directory Traversal Vulnerability
2019-05-15
securityfocus.com/bid/108351

Multiple Cisco Products Multiple Remote Code Execution Vulnerabilities
2019-05-15
securityfocus.com/bid/108339

Cisco Firepower Threat Defense Software CVE-2019-1833 Security Bypass Vulnerability
2019-05-15
securityfocus.com/bid/108338

Multiple Cisco Products Multiple SQL Injection Vulnerabilities
2019-05-15
securityfocus.com/bid/108337

Cisco Video Surveillance Manager CVE-2019-1717 Information Disclosure Vulnerability
2019-05-15
securityfocus.com/bid/108336

Cisco Small Business Series Switches CVE-2019-1806 Denial of Service Vulnerability
2019-05-15
securityfocus.com/bid/108335

Microsoft Office Access Connectivity Engine CVE-2019-0945 Remote Code Execution Vulnerability
2019-05-14
securityfocus.com/bid/108192

Siemens LOGO! Soft Comfort ICSA-19-134-03 Deserialization Arbitrary Code Execution Vulnerability
2019-05-14
securityfocus.com/bid/108368

Multiple Schneider Electric Products CVE-2019-6821 Security Bypass Vulnerability
2019-05-14
securityfocus.com/bid/108366

Singularity CVE-2019-11328 Insecure Permissions Local Privilege Escalation Vulnerability
2019-05-14
securityfocus.com/bid/108360

Top Attacker Hosts May 13-19 2019