Trends
- The top attacker country was China with 970 unique attackers (25.32%)
- The top Exploit event was Cross Site Scripting with 61% of occurrences
Top Attacker by Country
Country | Occurrences | Percentage |
---|---|---|
China | 970 | 25.32% |
United States | 960 | 25.06% |
France | 198 | 5.17% |
Russian Federation | 195 | 5.09% |
Brazil | 192 | 5.01% |
India | 160 | 4.18% |
Republic of Korea | 155 | 4.05% |
United Kingdom | 139 | 3.63% |
Vietnam | 108 | 2.82% |
Germany | 102 | 2.66% |
Taiwan | 99 | 2.58% |
Canada | 96 | 2.51% |
Netherlands | 86 | 2.24% |
Australia | 83 | 2.17% |
Singapore | 69 | 1.80% |
Greece | 68 | 1.77% |
Italy | 66 | 1.72% |
Indonesia | 49 | 1.28% |
Spain | 36 | 0.94% |
Threat Geo-location
Top Attacking Hosts
Host | Occurrences |
---|---|
183.129.160.229 | 24 |
58.242.83.39 | 24 |
66.240.205.34 | 20 |
Top Network Attackers
Origin AS | Announcement | Description |
---|---|---|
AS4134 | 183.128.0.0/1 | CHINANET Zhejiang province network |
AS4837 | 58.242.0.0/15 | China Unicom AnHui province network |
AS10439 | 66.240.192.0/18 | CariNet, Inc |
Top Event NIDS and Exploits
Top Alarms
Type of Alarm | Occurrences |
---|---|
Database Attack - Stored Procedure Access - Attack | 487 |
Trojan Infection - IDS Event | 404 |
Web Server Attack - Attack | 218 |
OTX Indicators of Compromise - PULSE | 183 |
Network Discovery - IDS Event | 17 |
Attack Tool detected - Attack | 15 |
Bruteforce Authentication - SSH | 13 |
WebServer Attack - XSS | 1 |
Comparison from last week
Type of Alarm | Occurrences |
---|---|
OTX Indicators of Compromise - PULSE | 142 |
Database Attack - Stored Procedure Access - Attack | 40 |
Bruteforce Authentication - SSH | 9 |
WebServer Attack - Attack | 8 |
Attack Tool detected - Attack | 1 |
CVE
This is a list of recent vulnerabilities for which exploits are available.
Title: Multiple VMware Products Local Code Execution Vulnerability
Vendor: VMware
CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

ID: CVE-2016-10245
Title: Doxygen Cross Site Scripting Vulnerability
Vendor: Doxygen
CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

ID: CVE-2019-5960
Title: WordPress WP Open Graph Plugin Cross Site Request Forgery Vulnerability
Vendor: WordPress
CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)

ID: CVE-2019-10320
Title: Jenkins Credentials Plugin Information Disclosure Vulnerability
CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

ID: CVE-2019-3397
Title: Atlassian Bitbucket Server Directory Traversal Vulnerability
Vendor: Atlassian
CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

ID: CVE-2019-12295
Title: Wireshark 'epan/packet.c' Denial of Service Vulnerability
Vendor: Wireshark
CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Vulnerabilities
Microsoft Exchange Server CVE-2019-0858 Spoofing Vulnerability
securityfocus.com/bid/107757
Microsoft Exchange Server CVE-2019-0817 Spoofing Vulnerability
securityfocus.com/bid/107756
Microsoft Exchange Server CVE-2017-8560 Remote Privilege Escalation Vulnerability
securityfocus.com/bid/99449
Microsoft Outlook Web Access for Exchange Server 2003 Cross Site Request Forgery Vulnerability
securityfocus.com/bid/41843
Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
securityfocus.com/bid/41462
Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability
securityfocus.com/bid/33136
Microsoft Exchange Server TNEF Decoding Remote Code Execution Vulnerability
2019-05-31
securityfocus.com/bid/33134
Microsoft Outlook Web Access for Exchange Server 'redir.asp' URI Redirection Vulnerability
securityfocus.com/bid/31765
Microsoft Outlook Web Access for Exchange Server Email Field Cross-Site Scripting Vulnerability
securityfocus.com/bid/30130
Microsoft Outlook Web Access for Exchange Server HTML Parsing Cross-Site Scripting Vulnerability
securityfocus.com/bid/30078
Microsoft Exchange IMAP Command Processing Remote Denial of Service Vulnerability
securityfocus.com/bid/23810
Microsoft Exchange Base64 MIME Message Remote Code Execution Vulnerability
securityfocus.com/bid/23809
Microsoft Exchange iCal Request Remote Denial of Service Vulnerability
securityfocus.com/bid/23808
Microsoft Outlook Web Access Remote Script Injection Vulnerability
securityfocus.com/bid/23806
Microsoft Exchange Server Outlook Web Access HTML Injection Vulnerability
securityfocus.com/bid/13952
Microsoft Outlook Web Access Login Form Remote URI Redirection Vulnerability
securityfocus.com/bid/12459
Microsoft Exchange 2000 Post Authorization License Exhaustion Denial Of Service Vulnerability
securityfocus.com/bid/5413
Microsoft Exchange 2000 Multiple MSRPC Denial Of Service Vulnerabilities
securityfocus.com/bid/5412
Microsoft Outlook Web Access with RSA SecurID Authentication Bypass Vulnerability
securityfocus.com/bid/4390
Microsoft Exchange Server Empty MIME Boundary DoS
securityfocus.com/bid/1688
Cisco IOS Software CVE-2019-1758 Authentication Bypass Vulnerability
securityfocus.com/bid/107616
Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability
securityfocus.com/bid/108273
Huawei Smart Phone P9 and Google Android Broadcom Driver Wi-Fi Driver Buffer Overflow Vulnerability
securityfocus.com/bid/94943
Multiple VMware Products CVE-2019-5515 Out-Of-Bounds Write Local Code Execution Vulnerability
securityfocus.com/bid/107634
Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability
securityfocus.com/bid/108359
Linux Kernel 'marvell/mwifiex/scan.c' Heap Buffer Overflow Vulnerability
securityfocus.com/bid/108521
Apache Hadoop CVE-2018-8029 Remote Privilege Escalation Vulnerability
securityfocus.com/bid/108518
ISC BIND CVE-2019-6469 Remote Denial of Service Vulnerability
securityfocus.com/bid/108517
Oracle VM VirtualBox Multiple Local Security Vulnerabilities
securityfocus.com/bid/107960
Samsung KNOX CVE-2019-6744 Lock Screen Local Security Bypass Vulnerability
securityfocus.com/bid/108505
Docker CVE-2018-15664 Symlink Directory Traversal Vulnerability
securityfocus.com/bid/108507