THE RED PIRANHA TEAM


Red Piranha is a diversified group of IT professionals dedicated to providing our clients with leading security solutions. We are the developers of Australia's first Unified Threat Management, Crystal Eye, and of Australia's first next-generation firewall.



TRENDS


  • China tops the list with 1311 unique attackers (26.5%).
  • The exploit event types were Command Execution, SQL Injection, Miscellaneous, and Attack Response.
  • The Top Alarm was OTX Indicators of Compromise with 187 Occurrences (68.3%).


TOP ATTACKER COUNTRIES


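| Country            | No. of Attackers | Percentage |
|--------------------|------------------|------------|
| China              | 1311             | 26.5%      |
| United States      | 957              | 19.3%      |
| Russian Federation | 316              | 6.4%       |
| Brazil             | 305              | 6.2%       |
| India              | 243              | 4.9%       |
| France             | 232              | 4.7%       |
| Republic of Korea  | 198              | 4.0%       |
| Vietnam            | 198              | 4.0%       |
| Germany            | 154              | 3.1%       |
| Netherlands        | 136              | 2.7%       |
| United Kingdom     | 130              | 2.6%       |
| Taiwan             | 106              | 2.1%       |
| Italy              | 105              | 2.1%       |
| Indonesia          | 97               | 2.0%       |
| Canada             | 93               | 1.9%       |
| Ukraine            | 82               | 1.7%       |
| Thailand           | 76               | 1.5%       |
| Egypt              | 74               | 1.5%       |
| Australia          | 69               | 1.4%       |
| Hong Kong          | 64               | 1.3%       |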

[Figure: Top Country]


THREAT GEOLOCATION


[Figure: Threat Geoloc 01102018]


TOP ATTACKING HOSTS


[Figure: Top Host]


TOP ALARMS


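| Alarm                                                 | No. of Occurrences |
|-------------------------------------------------------|--------------------|
| OTX Indicators of Compromise - PULSE                  | 151                |
| Bruteforce Authentication - SSH                       | 41                 |
| Database Attack - Stored Procedure Access - Attack    | 21                 |
| Attack Tool detected - Attack                         | 8                  |

Comparison to Previous Week

| Alarm                                                 | No. of Occurrences |
|-------------------------------------------------------|--------------------|
| Bruteforce Authentication - SSH                       | 187                |
| OTX Indicators of Compromise - PULSE                  | 147                |
| Database Attack - Stored Procedure Access - Attack    | 98                 |
| WebServer Attack - Attack                             | 33                 |
| Attack Tool detected - Attack                         | 29                 |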

[Figure: Top Alarm]


EXPLOIT EVENT TYPES AND TOP EVENTS NIDS


[Figures: Exploit Events; NIDS]


OPEN THREAT EXCHANGE


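| Pulses Subscribed | Indicators | Last Updated        | Number of Alarms | Number of Events |
|-------------------|------------|---------------------|------------------|------------------|
| 5,737             | 871,918    | 2018-10-01 01:29:35 | 5,554            | 9,195            |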



VULNERABILITIES


2018-09-27


Multiple IBM DB2 Products CVE-2014-0919 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/74217

Multiple IBM DB2 Products CVE-2014-8901 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/71734

Multiple IBM DB2 Products CVE-2014-6210 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/71730

Multiple IBM DB2 Products CVE-2014-6209 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/71729

Multiple Cisco Products CVE-2015-6420 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/78872

Fuji Electric Alpha5 Smart Loader ICSA-18-270-02 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/105411

Delta Industrial Automation PMSoft CVE-2018-14824 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/105409

Multiple Fuji Electric FRENIC Devices ICSA-18-270-03 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/105408

Emerson AMS Device Manager ICSA-18-270-01 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/105406

2018-09-26


Multiple IBM DB2 Products CVE-2014-8910 File Disclosure Vulnerability
http://www.securityfocus.com/bid/75949

Multiple IBM DB2 Products CVE-2015-1935 Denial of Service Vulnerability
http://www.securityfocus.com/bid/75908

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
http://www.securityfocus.com/bid/73684

Multiple IBM DB2 Products CVE-2015-1922 Security Bypass Vulnerability
http://www.securityfocus.com/bid/75911

Cisco IOS and IOS XE Software CVE-2018-15373 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105413

Cisco IOS ROM Monitor CVE-2018-15370 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/105412

Cisco IOS and IOS XE Software CVE-2018-0475 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105404

Cisco IOS and IOS XE Software CVE-2018-0466 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105403

Drupal Taxonomy File Tree Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/105401

Cisco IOS XE Software Errdisable CVE-2018-0480 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105400

Drupal Commerce Klarna Checkout Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/105399

Cisco IOS XE Software CVE-2018-0471 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105398

Cisco IOS XE Software CVE-2018-0470 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105397

2018-09-25


IBM DB2 and DB2 Connect CVE-2013-6717 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/64336

Apple Mac OS X Server APPLE-SA-2016-03-21-7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/85054

Apache HTTP Server CVE-2018-11763 Denial of Service Vulnerability
http://www.securityfocus.com/bid/105414

Linux Kernel 'create_elf_tables()' Function Local Integer Overflow Vulnerability
http://www.securityfocus.com/bid/105407

2018-09-24


IBM DB2 and DB2 Connect CVE-2013-5466 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/64334

IBM DB2 and DB2 Connect Audit Facility Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/60255

Mozilla Firefox MFSA2018-20 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/105276

Dell EMC ESRS Policy Manager CVE-2018-15764 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/105405

Apple macOS Privacy Protection Implementation Security Bypass Vulnerability
http://www.securityfocus.com/bid/105393

Linux Kernel 'chap_server_compute_md5()' Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/105388
 

Monday, October 1, 2018 By rayah.medina