Red Piranha Threat Intelligence Report - September 24-30 2018

TRENDS


  • China is on top of the list with 1311 unique attackers (26.5%). 
  • The exploit events were Command Execution, SQL Injection, Miscellaneous, and Attack Response. 
  • The Top Alarm was OTX Indicators of Compromise with 187 Occurrences (68.3%).


TOP ATTACKER COUNTRIES

CountryNo. of AttackersPercentage
China131126.5%
United States95719.3%
Russian Federation3166.4%
Brazil3056.2%
India2434.9%
France2324.7%
Republic of Korea1984.0%
Vietnam1984.0%
Germany1543.1%
Netherlands1362.7%
United Kingdom1302.6%
Taiwan1062.1%
Italy1052.1%
Indonesia972.0%
Canada931.9%
Ukraine821.7%
Thailand761.5%
Egypt741.5%
Australia691.4%
Hong Kong641.3%


Top Cyber Attackers by Country September 24-30 2018


THREAT GEOLOCATION

Cyber Security Threat Geolocations September 24-30 2018



TOP ATTACKING HOSTS

Top Attacker Hosts September 24-30 2018



TOP ALARMS

AlarmNo. of Occurrences
OTX Indicators of Compromise - PULSE151
Bruteforce Authentication - SSH41
Database Attack - Stored Procedure Access - Attack21
Attack Tool detected - Attack8


Comparison to Previous Week


AlarmNo. of Occurrences
Bruteforce Authentication - SSH187
OTX Indicators of Compromise - PULSE147
Database Attack - Stored Procedure Access - Attack98
WebServer Attack - Attack33
Attack Tool detected - Attack29




EXPLOIT EVENT TYPES AND TOP EVENTS NIDS

Exploit Events September 24-30 2018



OPEN THREAT EXCHANGE

Pulses SubscribedIndicatorsLast UpdatedNumber of AlarmsNumber of Events
5,737871,9182018-10-01 01:29:355,5549,195



VULNERABILITIES

2018-09-27


Multiple IBM DB2 Products CVE-2014-0919 Information Disclosure Vulnerability
securityfocus.com/bid/74217

Multiple IBM DB2 Products CVE-2014-8901 Remote Denial of Service Vulnerability
securityfocus.com/bid/71734

Multiple IBM DB2 Products CVE-2014-6210 Remote Denial of Service Vulnerability
securityfocus.com/bid/71730

Multiple IBM DB2 Products CVE-2014-6209 Remote Denial of Service Vulnerability
securityfocus.com/bid/71729

Multiple Cisco Products CVE-2015-6420 Remote Code Execution Vulnerability
securityfocus.com/bid/78872

Fuji Electric Alpha5 Smart Loader ICSA-18-270-02 Multiple Security Vulnerabilities
securityfocus.com/bid/105411

Delta Industrial Automation PMSoft CVE-2018-14824 Information Disclosure Vulnerability
securityfocus.com/bid/105409

Multiple Fuji Electric FRENIC Devices ICSA-18-270-03 Multiple Security Vulnerabilities
securityfocus.com/bid/105408

Emerson AMS Device Manager ICSA-18-270-01 Multiple Security Vulnerabilities
securityfocus.com/bid/105406  


                                                                                                                                    
2018-09-26


Multiple IBM DB2 Products CVE-2014-8910 File Disclosure Vulnerability
securityfocus.com/bid/75949

Multiple IBM DB2 Products CVE-2015-1935 Denial of Service Vulnerability
securityfocus.com/bid/75908

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
securityfocus.com/bid/73684

Multiple IBM DB2 Products CVE-2015-1922 Security Bypass Vulnerability
securityfocus.com/bid/75911

Cisco IOS and IOS XE Software CVE-2018-15373 Denial of Service Vulnerability
securityfocus.com/bid/105413

Cisco IOS ROM Monitor CVE-2018-15370 Local Security Bypass Vulnerability
securityfocus.com/bid/105412

Cisco IOS and IOS XE Software CVE-2018-0475 Denial of Service Vulnerability
securityfocus.com/bid/105404

Cisco IOS and IOS XE Software CVE-2018-0466 Denial of Service Vulnerability
securityfocus.com/bid/105403

Drupal Taxonomy File Tree Module Access Bypass Vulnerability
securityfocus.com/bid/105401

Cisco IOS XE Software Errdisable CVE-2018-0480 Denial of Service Vulnerability
securityfocus.com/bid/105400

Drupal Commerce Klarna Checkout Module Access Bypass Vulnerability
securityfocus.com/bid/105399

Cisco IOS XE Software CVE-2018-0471 Denial of Service Vulnerability
securityfocus.com/bid/105398

Cisco IOS XE Software CVE-2018-0470 Denial of Service Vulnerability
securityfocus.com/bid/105397


2018-09-25

Top Cyber Security Alarms September 24-30 2018
Details
Category
Threat Intelligence