The Red Piranha Team

Red Piranha is a diversified group of IT professionals dedicated to providing our clients with leading security solutions. We are the developers of Australia's first Unified Threat Management, Crystal Eye, and of Australia's first next-generation firewall.





  • China tops the list with 1397 unique attackers (23.84%)
  • Bruteforce Authentication was the Top Alarm of the week with 239 occurrences

Top Attacker by Country

| Country | No. of Attackers | Percentage |
|---|---|---|
| China | 1397 | 23.84% |
| United States | 1137 | 19.40% |
| France | 449 | 7.66% |
| Brazil | 400 | 6.83% |
| Russian Federation | 340 | 5.80% |
| Germany | 248 | 4.23% |
| India | 240 | 4.10% |
| United Kingdom | 201 | 3.43% |
| Republic of Korea | 182 | 3.11% |
| Netherlands | 177 | 3.02% |
| Canada | 153 | 2.61% |
| Vietnam | 137 | 2.34% |
| Taiwan | 130 | 2.22% |
| Italy | 127 | 2.17% |
| Indonesia | 123 | 2.10% |
| Ukraine | 106 | 1.81% |
| Singapore | 91 | 1.55% |
| Poland | 78 | 1.33% |
| Australia | 75 | 1.28% |
| Argentina | 69 | 1.18% |


Threat Geo-location


Top Attacking Hosts

Host Occurrences 288 86 12 10


Top Alarms

| Alarm | No. of Occurrences |
|---|---|
| Bruteforce Authentication - SSH | 239 |
| OTX Indicators of Compromise - PULSE | 107 |
| Attack Tool Detected - Attack | 8 |
| WebServer Attack - Attack | 3 |

Comparison from Previous Report

| Alarm | No. of Occurrences |
|---|---|
| Bruteforce Authentication - SSH | 201 |
| OTX Indicators of Compromise - PULSE | 88 |
| Database Attack - Stored Procedure - Attack | 14 |
| Attack Tool Detected - Attack | 12 |
| WebServer Attack - Attack | 5 |
| Bruteforce Authentication - Windows Login | 2 |


Exploit Event Types and Top Event NIDS


Red Piranha - Open Threat Exchange

| Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events |
|---|---|---|---|---|
| 6,095 | 892,167 | 2018-12-02 23:05:26 | 6,598 | 7,827 |


Events from the most active OTX




An issue was discovered in lxml before 4.2.5. lxml/html/ in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.


Vuln: QEMU CVE-2018-19665 Integer Overflow Vulnerability

Vuln: Joomla Event Booking Extension ‘com_eventbooking’ Arbitrary File Download


Monday, December 3, 2018 By rayah.medina