THE RED PIRANHA TEAM


Red Piranha is a diversified group of IT professionals dedicated to providing our clients with leading security solutions. We are the developers of Australia's first Unified Threat Management, Crystal Eye, and of Australia's first next-generation firewall.



TRENDS


  • The United States is at the top of the list with 1477 unique attackers (25.7%)
  • All exploit events were Command Execution (100%)
  • The top alarm was Reconnaissance & Probing - Database Attack - Stored Procedure Access - Attack with 2705 occurrences (39.9%)


TOP ATTACKER COUNTRIES


Country               No. of Attackers   Percentage
United States         1477               25.7%
China                 1190               20.7%
Russian Federation    435                7.6%
Brazil                340                5.9%
France                276                4.8%
Vietnam               211                3.7%
India                 203                3.5%
Germany               183                3.2%
Korea                 179                3.1%
United Kingdom        156                2.7%
Australia             154                2.7%
Netherlands           154                2.7%
Canada                121                2.1%
Taiwan                118                2.1%
Italy                 107                1.9%
Indonesia             95                 1.7%
Egypt                 91                 1.6%
Japan                 87                 1.5%
Singapore             80                 1.4%
Ukraine               79                 1.4%

[Figure: top attacker countries]


THREAT GEOLOCATION


[Figure: threat geolocation]


TOP ATTACKING HOSTS


[Figure: top attacking hosts]


TOP ALARMS


Alarm                                                                               No. of Occurrences
Reconnaissance & Probing — Database Attack - Stored Procedure Access                2705
Reconnaissance & Probing — Attack Tool detected                                     1524
Delivery & Attack — WebServer Attack — Attack                                       1355
AlienVault HIDS: Multiple XSS (Cross Site Scripting) attempts from same source IP   894

Comparison to Previous Week

Alarm                                                 No. of Occurrences
OTX Indicators of Compromise - PULSE                  151
Bruteforce Authentication - SSH                       41
Database Attack - Stored Procedure Access - Attack    21
Attack Tool detected - Attack                         8


EXPLOIT EVENT TYPES AND TOP EVENTS NIDS


[Figure: exploit event types]


OPEN THREAT EXCHANGE


Pulses Subscribed Indicators Last Updated Number of Alarms Number of Events
5,775 873,854 2018-10-09 00:22:40 5,672 11,943


VULNERABILITIES


Adobe Acrobat and Reader CVE-2018-12838 Stack Overflow Vulnerability
2018-10-01
http://www.securityfocus.com/bid/105444

Adobe Acrobat and Reader APSB18-30 Type Confusion Multiple Arbitrary Code Execution Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105443

Adobe Acrobat and Reader Untrusted Pointer Dereference Arbitrary Code Execution Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105442

Adobe Acrobat and Reader APSB18-30 Multiple Arbitrary Code Execution Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105441

Adobe Acrobat and Reader CVE-2018-12841 Arbitrary Code Execution Vulnerability
2018-10-01
http://www.securityfocus.com/bid/105440

Adobe Acrobat and Reader APSB18-30 Multiple Information Disclosure Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105439

Adobe Acrobat and Reader Multiple Integer Overflow Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105438

Adobe Acrobat and Reader Multiple Arbitrary Code Execution Vulnerabilities
2018-10-01
http://www.securityfocus.com/bid/105437

Tuesday, October 9, 2018 By rayah.medina