THE RED PIRANHA TEAM


Red Piranha is a diversified group of IT professionals dedicated to providing our clients with leading security solutions. We are the developers of Australia's first Unified Threat Management, Crystal Eye, and of Australia's first next-generation firewall.


LATEST THREATS, NEWS, and DEVELOPMENTS


RED PIRANHA TO JOIN AUSTRALIAN GOVERNMENT ASEAN 2018 CYBER SECURITY MISSION WITH AUSTCYBER AND AUSTRADE

DOES THE ON-GOING FLAME WAR BETWEEN BROWSER & ANTI-VIRUS PROGRAMS DEVELOPERS MAKE THE END USERS THE ULTIMATE LOSERS?

THE GROWING THREAT OF BUSINESS EMAIL COMPROMISE EXPLOITS & HOW AUSTRALIAN SMES CAN SECURE THEMSELVES

MIKROTIK ROUTERS TARGETED AGAIN—THIS TIME 7500+ COMPROMISED ROUTERS LEAKING NETWORK TRAFFIC


  


TRENDS


  • China tops the list with 1077 unique attackers (26.5%).
  • The top alarm was Reconnaissance & Probing - Database Attack - Stored Procedure Access - Attack, with 2705 occurrences (39.9%).


TOP ATTACKER COUNTRIES


| Country | No. of Attackers | Percentage |
|---|---|---|
| China | 1077 | 26.50% |
| United States | 975 | 19.30% |
| Brazil | 273 | 6.40% |
| Russian Federation | 269 | 6.20% |
| France | 209 | 4.90% |
| India | 184 | 4.70% |
| Republic of Korea | 159 | 4.00% |
| Vietnam | 153 | 4.00% |
| Netherlands | 120 | 3.10% |
| United Kingdom | 107 | 2.70% |
| Australia | 106 | 2.60% |
| Netherlands | 154 | 2.10% |
| Canada | 89 | 2.10% |
| Italy | 88 | 2.00% |
| Ukraine | 87 | 1.90% |
| Taiwan | 83 | 1.70% |
| Thailand | 76 | 1.50% |
| Indonesia | 75 | 1.50% |
| Unknown | 72 | 1.40% |
| Singapore | 63 | 1.30% |

[Figure: Top Country 15102018]


THREAT GEOLOCATION


[Figure: Threat Geoloc 15102018]


TOP ATTACKING HOSTS




TOP ALARMS


| Alarm | No. of Occurrences |
|---|---|
| OTX Indicators of Compromise - PULSE | 105 |
| Bruteforce Authentication - SSH | 90 |
| Database Attack - Stored Process Access - Attack | 46 |
| Attack Tool Detected - Attack | 28 |
| WebServer Attack - Attack | 22 |

Comparison to Previous Week

| Alarm | No. of Occurrences |
|---|---|
| Reconnaissance & Probing — Database Attack - Stored Procedure Access | 2705 |
| Reconnaissance & Probing — Attack Tool detected | 1524 |
| Delivery & Attack — WebServer Attack — Attack | 1355 |
| AlienVault HIDS: Multiple XSS (Cross Site Scripting) attempts from same source IP | 894 |


EXPLOIT EVENT TYPES AND TOP EVENTS NIDS


[Figure: NIDS 15102018]


OPEN THREAT EXCHANGE


| Pulses Subscribed | Indicators | Last Updated | Number of Alarms | Number of Events |
|---|---|---|---|---|
| 5,804 | 875,131 | 2018-10-15 00:10:47 | 5,762 | 13,711 |


VULNERABILITIES


Multiple Siemens Products CVE-2017-12069 XML External Entity Injection Vulnerability
2018-10-12
http://www.securityfocus.com/bid/100559

SAP HANA CVE-2018-2465 Denial of Service Vulnerability
2018-10-12
http://www.securityfocus.com/bid/105324

Oracle October 2018 Critical Patch Update Multiple Vulnerabilities
2018-10-12
http://www.securityfocus.com/bid/105555

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2018-10-11
http://www.securityfocus.com/bid/67898

IBM Global Security Toolkit CVE-2018-1431 Local Privilege Escalation Vulnerability
2018-10-11
http://www.securityfocus.com/bid/105546

OpenSSL CVE-2016-0705 Denial of Service Vulnerability
2018-10-11
http://www.securityfocus.com/bid/83754

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2018-10-11
http://www.securityfocus.com/bid/95814

wolfSSL CVE-2017-13099 Information Disclosure Vulnerability
2018-10-10
http://www.securityfocus.com/bid/102174

IBM General Parallel File System CVE-2016-0263 Unspecified Local Privilege Escalation Vulnerability
2018-10-10
http://www.securityfocus.com/bid/90525

Samba CVE-2016-2114 Remote Security Bypass Vulnerability
2018-10-10
http://www.securityfocus.com/bid/86011

Microsoft ATL/MFC Trace Tool 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
2018-10-09
http://www.securityfocus.com/bid/42811

Microsoft Windows JET Database Engine Remote Code Execution Vulnerability
2018-10-09
http://www.securityfocus.com/bid/105376

DB2 Universal Database CVE-2012-0710 Denial-Of-Service Vulnerability
2018-10-09
http://www.securityfocus.com/bid/78282

DB2 Universal Database CVE-2012-0711 Remote Security Vulnerability
2018-10-09
http://www.securityfocus.com/bid/77826

IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability
2018-10-08
http://www.securityfocus.com/bid/92410

SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2018-10-08
http://www.securityfocus.com/bid/74733

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2018-10-08
http://www.securityfocus.com/bid/75158

Monday, October 15, 2018 By rayah.medina