Trends
- China is on top of the list with 1317 unique attackers (25.60%)
- Command and execution was the top exploit event of the week with 72% of occurrences
Top Attacker by Country
| Country | No. of Attackers | Percentage |
|---|
| China | 1317 | 25.60% |
| United States | 1205 | 19.20% |
| Russian Federation | 418 | 6.30% |
| Brazil | 342 | 6.20% |
| France | 258 | 5.30% |
| India | 171 | 4.00% |
| Germany | 168 | 3.50% |
| Netherlands | 166 | 3.40% |
| United Kingdom | 160 | 3.40% |
| Republic of Korea | 152 | 3.30% |
| Australia | 149 | 3.20% |
| Vietnam | 122 | 2.80% |
| Ukraine | 119 | 2.50% |
| Canada | 114 | 2.10% |
| Taiwan | 112 | 1.90% |
| Indonesia | 94 | 1.80% |
| Italy | 90 | 1.60% |
| Singapore | 74 | 1.60% |
| Poland | 68 | 1.50% |
Threat Geolocation
Top Attacking Hosts
| Host | Occurrences |
|---|
| 116.31.116.11 | 182 |
| 193.201.224.158 | 116 |
| 94.73.146.80 | 89 |
| 93.174.95.106 | 72 |
| 94.102.49.123 | 66 |
| 159.65.152.228 | 38 |
| 198.20.87.98 | 27 |
| 193.201.224.158 | 19 |
Top Alarms
| Alarm | No. of Occurrences |
|---|
| Bruteforce Authentication - SSH | 201 |
| OTX Indicators of Compromise - PULSE | 88 |
| Database Attack - Stored Procedure - Attack | 14 |
| Attack Tool Detected - Attack | 12 |
| WebServer Attack - Attack | 5 |
| Bruteforce Authentication - Windows Login | 2 |
Comparison from Previous Report
| Alarm | No. of Occurrences |
|---|
| OTX Indicators of Compromise - PULSE | 117 |
| Database Attack - Stored Procedure - Attack | 59 |
| Bruteforce Authentication - SSH | 47 |
| Attack Tool Detected - Attack | 44 |
| Bruteforce Authentication - Windows Login | 13 |
| WebServer Attack - Attack | 7 |
Exploit Event Types and Top Event NIDS
Red Piranha - Open Threat Exchange
| Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events |
|---|
| 6,046 | 889,949 | 2018-11-26 00:61:01 | 6,490 | 14,802 |
Top Malware and Top Domains
