Trends
- China is on top of the list with 1127 unique attackers (29.9%)
- Database Attack - Store Procedure Access - Attack with 172 occurrences (30.4%)
- SQL Injection was the top exploit event of the week with 52% of occurrences.
Top Attacker by Country
| Country | No. of Attackers | Percentage |
|---|
| China | 1127 | 29.9% |
| United States | 693 | 18.4% |
| Brazil | 285 | 7.6% |
| France | 190 | 5.1% |
| Russian Federation | 180 | 4.8% |
| Republic of Korea | 158 | 4.2% |
| India | 129 | 3.4% |
| Vietnam | 109 | 2.9% |
| United Kingdom | 108 | 2.9% |
| Netherlands | 89 | 2.4% |
| Germany | 86 | 2.3% |
| Italy | 84 | 2.2% |
| Taiwan | 71 | 1.9% |
| Australia | 71 | 1.9% |
| Canada | 71 | 1.9% |
| Thailand | 70 | 1.9% |
| Colombia | 67 | 1.8% |
| Indonesia | 67 | 1.8% |
| Ukraine | 60 | 1.6% |
| Greece | 48 | 1.3% |
Threat Geolocation
Top Attacking Hosts
| Host | Occurrences |
|---|
| 159.213.47.13 | 107 |
| 37.49.231.145 | 55 |
| 66.240.219.146 | 19 |
| 94.102.49.122 | 17 |
| 134.119.205.46 | 16 |
| 89.248.167.131 | 11 |
| 191.252.119.9 | 9 |
Top Alarms
| Alarm | No. of Occurrences |
|---|
| Database Attack - Stored Process Access - Attack | 172 |
| Network Discovery - SCAN | 148 |
| OTX Indicators of Compromise - PULSE | 146 |
| Attack Tool Detected - Attack | 40 |
| Bruteforce Authentication - SSH | 39 |
| WebServer Attack - Attack | 20 |
Comparison from Previous Report
| Alarm | No. of Occurrences |
|---|
| OTX Indicators of Compromise - PULSE | 105 |
| Bruteforce Authentication - SSH | 90 |
| Database Attack - Stored Process Access - Attack | 46 |
| Attack Tool Detected - Attack | 28 |
| WebServer Attack - Attack | 22 |
Exploit Event Types and Top Event NIDS
Red Piranha - Open Threat Exchange
| Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events |
|---|
| 5,836 | 876,604 | 2018-10-22 00:28:06 | 5,912 | 13,510 |
