TRENDS
- 6% Decrease in Attacks from China
- Delivery & Attack - Bruteforce Authentication - SSH was the top alarm registered this week.
- Port 22 (SSH) was the port most used
TOP ATTACKER COUNTRIES
| Country |
Percentage |
| China |
25.70% |
| United States of America |
20.70% |
| Vietnam |
8.10% |
| Republic of Korea |
6.70% |
| France |
5.60% |
| Brazil |
5.20% |
| Russia |
4.60% |
| India |
4.60% |
| Germany |
2.10% |
| Taiwan |
1.90% |
| Italy |
1.80% |
| United Kingdom |
1.80% |
| Egypt |
1.60% |
| Ukraine |
1.60% |
| Indonesia |
1.50% |
| Canada |
1.50% |
| Japan |
1.40% |
| Thailand |
1.10% |
| Turkey |
1.10% |
THREAT GEOLOCATION
TOP ATTACKING HOSTS
| Host |
Occurrences |
| 61.177.172.152 |
304 |
| 5.101.40.10 |
139 |
| 61.177.172.133 |
120 |
| 58.218.198.172 |
109 |
| 103.89.88.175 |
108 |
| 103.89.89.237 |
106 |
| 103.99.2.188 |
103 |
| 103.89.88.171 |
87 |
| 37.139.139.176 |
77 |
TOP ATTACKING NETWORKS
| AS4134 |
CHINANET Zhejiang province network |
| AS57043 |
United Protection (UK) Security LIMITED |
| AS135905 |
ETC Viet Nam Development Technology Company Limited |
| AS57866 |
Fusix Networks B.V. |
TOP ALARMS
| Alarm |
No. of Occurrences |
| Delivery & Attack - Bruteforce Authentication - SSH |
2897 |
| Environmental Awareness - OTX Indicators of Compromise - PULSE |
1106 |
| Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection |
30 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix |
835 |
| Exploitation & Installation - WebServer Attack - XSS |
24 |
Comparison to Previous Report
| Alarm |
No. of Occurrences |
| Delivery & Attack - Bruteforce Authentication - SSH |
2040 |
| Environmental Awareness - OTX Indicators of Compromise - PULSE |
1010 |
| Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection |
20 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix |
631 |
| Exploitation & Installation - WebServer Attack - XSS |
15 |
Top Events Categories
Top NIDS Event Categories
