The Red Piranha Team


Red Piranha is a diversified group of IT professionals dedicated to providing our clients with leading security solutions. We are the developers of Australia's first Unified Threat Management, Crystal Eye, and of Australia's first next-generation firewall.



Trends


  • China is on top of the list with 511 unique attackers (26.08%)
  • Command and execution was the top exploit event of the week with 55% of occurrences


Top Attacker by Country


Country | No. of Attackers | Percentage
China | 511 | 26.08%
United States | 413 | 21.08%
Brazil | 154 | 7.86%
France | 120 | 6.13%
Russian Federation | 97 | 4.95%
India | 77 | 3.93%
Netherlands | 75 | 3.83%
Republic of Korea | 67 | 3.42%
United Kingdom | 53 | 2.71%
Germany | 46 | 2.35%
Ukraine | 43 | 2.19%
Vietnam | 41 | 2.09%
Australia | 37 | 1.89%
Taiwan | 37 | 1.89%
Italy | 34 | 1.74%
Indonesia | 33 | 1.68%
Hong Kong | 28 | 1.43%
Poland | 24 | 1.23%
Singapore | 22 | 1.12%



Threat Geolocation




Top Attacking Hosts




Top Alarms


Alarm | No. of Occurrences
OTX Indicators of Compromise - PULSE | 117
Database Attack - Stored Procedure - Attack | 59
Bruteforce Authentication - SSH | 47
Attack Tool Detected - Attack | 44
Bruteforce Authentication - Windows Login | 13
WebServer Attack - Attack | 7

Comparison from Previous Report

Alarm | No. of Occurrences
Database Attack - Stored Procedure - Attack | 2516
Attack Tool Detected - Attack | 1267
WebServer Attack - Attack | 1163
OTX Indicators of Compromise - PULSE | 125
Bruteforce Authentication - SSH | 33
WebServer Attack - XSS | 5
Bruteforce Authentication - Windows Login | 1



Exploit Event Types and Top Event NIDS




Red Piranha - Open Threat Exchange


Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events
6,014 | 889,207 | 2018-11-21 12:30:58 | 6,428 | 11,080



Vulnerabilities


Asterisk Open Source Remote Buffer Overflow Vulnerability
2018-11-16
http://www.securityfocus.com/bid/105934

Linux Kernel CVE-2018-18955 Local Privilege Escalation Vulnerability
2018-11-16
http://www.securityfocus.com/bid/105941

ZTE ZXHN H168N CVE-2018-7358 Authorization Bypass Vulnerability
2018-11-15
http://www.securityfocus.com/bid/105963

Siemens Multiple Products CVE-2018-4858 Access Bypass Vulnerability
2018-11-15
http://www.securityfocus.com/bid/105933

Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
2018-11-14
http://www.securityfocus.com/bid/103144

Amazon PayFort payfort-php-SDK Multiple Cross Site Scripting Vulnerabilities
2018-11-14
http://www.securityfocus.com/bid/105930

Siemens SIMATIC Panels Multiple Security Vulnerabilities
2018-11-14
http://www.securityfocus.com/bid/105922

Dell EMC RecoverPoint Information Disclosure and Denial of Service Vulnerabilities
2018-11-14
http://www.securityfocus.com/bid/105916

Dell OpenManage Network Manager CVE-2018-15768 Remote Privilege Escalation Vulnerability
2018-11-14
http://www.securityfocus.com/bid/105914

Dell OpenManage Network Manager CVE-2018-15767 Authorization Bypass Vulnerability
2018-11-14
http://www.securityfocus.com/bid/105912

Apple Safari JIT Compiler Information Disclosure Vulnerability
2018-11-13
http://www.securityfocus.com/bid/105966
Monday, November 26, 2018 By rayah.medina