TRENDS
- United States in on top of the list with 1477 unique attackers (25.7%)
- All exploits events were Command Execution (100%)
- The Top Alarm was Reconnaissance & Probing - Database Attack - Stored Procedure Access - Attack with 2705 occurences (39.9%).
TOP ATTACKER COUNTRIES
| Country | No. of Attackers | Percentage |
|---|---|---|
| United States | 1477 | 25.7% |
| China | 1190 | 20.7% |
| Russian Federation | 435 | 7.6% |
| Brazil | 340 | 5.9% |
| France | 276 | 4.8% |
| Vietnam | 211 | 3.7% |
| India | 203 | 3.5% |
| Germany | 183 | 3.2% |
| Korea | 179 | 3.1% |
| United Kingdom | 156 | 2.7% |
| Australia | 154 | 2.7% |
| Netherlands | 154 | 2.7% |
| Canada | 121 | 2.1% |
| Taiwan | 118 | 2.1% |
| Italy | 107 | 1.9% |
| Indonesia | 95 | 1.7% |
| Egypt | 91 | 1.6% |
| Japan | 87 | 1.5% |
| Singapore | 80 | 1.4% |
| Ukraine | 79 | 1.4% |
THREAT GEOLOCATION
TOP ATTACKING HOSTS
TOP ALARMS
| Alarm | No. of Occurrences |
|---|---|
| Reconnaissance & Probing — Database Attack - Stored Procedure Access | 2705 |
| Reconnaissance & Probing — Attack Tool detected | 1524 |
| Delivery & Attack — WebServer Attack — Attack | 1355 |
| AlienVault HIDS: Multiple XSS (Cross Site Scripting) attempts from same source IP | 894 |
Comparison to Previous Week
| Alarm | No. of Occurrences |
|---|---|
| OTX Indicators of Compromise - PULSE | 151 |
| Bruteforce Authentication - SSH | 41 |
| Database Attack - Stored Procedure Access - Attack | 21 |
| Attack Tool detected - Attack | 8 |
EXPLOIT EVENT TYPES AND TOP EVENTS NIDS
OPEN THREAT EXCHANGE
| Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events |
|---|---|---|---|---|
| 5,775 | 873,854 | 2018-10-09 00:22:40 | 5,672 | 11,943 |
VULNERABILITIES
Adobe Acrobat and Reader CVE-2018-12838 Stack Overflow Vulnerability
2018-10-01
securityfocus.com/bid/105444
Adobe Acrobat and Reader APSB18-30 Type Confusion Multiple Arbitrary Code Execution Vulnerabilities
2018-10-01
securityfocus.com/bid/105443
Adobe Acrobat and Reader Untrusted Pointer Dereference Arbitrary Code Execution Vulnerabilities
2018-10-01
securityfocus.com/bid/105442
Adobe Acrobat and Reader APSB18-30 Multiple Arbitrary Code Execution Vulnerabilities
2018-10-01
securityfocus.com/bid/105441
Adobe Acrobat and Reader CVE-2018-12841 Arbitrary Code Execution Vulnerability
2018-10-01
securityfocus.com/bid/105440
Details
Category