Red Piranha Threat Intelligence Report - February 26 - March 5 '2018

TRENDS

  • 6% decrease in attacks from China
  • 28% decrease in Bruteforce Authentication - SSH

  

TOP ATTACKER COUNTRIES

Country Attackers Percentage
China 503 28.20%
United States of America 347 19.45%
Vietnam 149 8.35%
Republic of Korea 126 7.06%
Russian Federation 112 6.28%
France 96 5.38%
Brazil 94 5.27%
India 73 4.09%
Germany 46 2.58%
Netherlands 42 2.35%
United Kingdom 41 2.30%
Japan 29 1.63%
Ukraine 27 1.51%
Indonesia 24 1.35%
Poland 21 1.81%
Canada 19 1.07%
Australia 12 0.67%
Venezuela 10 0.56%
Pakistan 7 0.39%
Portugal 6 0.34%

Top Cyber Attackers by Country Debruary 26 - March 5 2018

 THREAT GEOLOCATION

Cyber Security Threat Geolocations February 26 - March 5 2018

  

 

TOP ATTACKING HOSTS

Top Attacker Hosts February 26 - March 5 2018

TOP 5 ATTACKING NETWORKS 

AS4134 CHINANET Zhejiang province network
AS4837 China Unicom AnHui province network
AS57043 United Protection (UK) Security LIMITED
AS4134 CHINANET Jiangsu Province Network
AS11014 CPS

TOP ALARMS

Alarm No. of Occurrences
Delivery & Attack - Bruteforce Authentication - SSH 280
Environmental Awareness - OTX Indicators of Compromise - PULSE 212
Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection 4
Delivery & Attack - Bruteforce Authentication - Linux/Unix 195
Exploitation & Installation - WebServer Attack - XSS 6

Comparison to Previous Report

Alarm No. of Occurrences
Delivery & Attack - Bruteforce Authentication - SSH 389
Environmental Awareness - OTX Indicators of Compromise - PULSE 282
Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection 4
Delivery & Attack - Bruteforce Authentication - Linux/Unix 167
Exploitation & Installation - WebServer Attack - XSS 3

ALARMS

exclamation Multiple Failed Logins in Short time
exclamation SSH Insecure Connection Attempt (Scan)
exclamation Failed Password
exclamation Invalid User
Note: As per previous reports these all appear to be completely random scanning bots
exclamation WebServer Attack - SQL Injection Attempt
exclamation WebServer Attack - XSS

Top Cyber Security Alarms February 26 - March 5 2018
Details
Category
Threat Intelligence