Loginsoft Research Team has been monitoring several exploits from the dedicated servers that were deployed globally for the purpose of threat discovery. The team analyzes and enriches this data to identify behavior, methods and intent of the Threat actors. The following observations can be summarized from the analyzed data.
This blog provides the key findings on the most impactful and evolving threats identified by our team. The Threat Intelligence data used for this analysis was generated from the first Quarter (Q1) 2021. We ensured that no sensitive information was disclosed or recorded during our scans to confirm the vulnerability.
We observed multiple exploitation attempts during our scans. While CVE-2018-10562(21.87%) is most vulnerable to attacks, CVE-2015-2051(16.47%) is second most vulnerable to attacks followed by CVE-2014-8361(15.14%) and others.
Following Pie chart illustrates the statistical analysis of the most popular exploits attempted.
Given below are our observations on the percentage of attacks on the network endpoint devices by threat actors:
Following Pie chart presents the top 10 popular choices for targets by attackers.
Below is a list of exploited key findings.
Our Research team also found that Go-http-client and Python Requests, among others, were often the user agents used in the attacks.
Following Pie chart presents the top 10 most commonly observed user-agents.
During our analysis, our team identified the Origination of Threats from different regions across the globe. Please note that these regions do not indicate the physical location of the threat actors; instead, they indicate the location of the hosting servers used by threat actors around the world.
Following is the information on threat origination across the regions:
For over 15 years, leading companies in Telecom, Cybersecurity, Healthcare, Finance, New Media and more have come to rely on Loginsoft as a trusted resource for technology talent. Whether Onsite, Offsite, or Offshore, we deliver.
Let’s start a conversation.
[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]
For over 16 years, leading companies in Telecom, Cybersecurity, Healthcare, Banking, New Media and more have come to rely on Loginsoft as a trusted resource for technology talent. Whether Onsite, Offsite, or Offshore, we deliver.
Loginsoft is a leading Cybersecurity services company providing Security Advisory Research to generate metadata for vulnerabilities in Open source components, Discovering ZeroDay Vulnerabilities, Developing Vulnerability Detection signatures using MITRE OVAL Language.
Expertise in Integrations with Threat Intelligence and Security Products, integrated more than 200+ integrations with leading TIP, SIEM, SOAR and Ticketing Platforms such as Cortex XSOAR, Anomali, ThreatQ, Splunk, IBM QRadar, IBM Resilient, Microsoft Azure Sentinel, ServiceNow, Swimlane, Siemplify, MISP, Maltego, Cryptocurrency APIs with Digital Exchange Platforms, CISCO, Datadog, Symantec, Carbonblack, F5, Fortinet and so on.
Interested to learn more? Let’s start a conversation.
IN-HOUSE EXPERTISE
Get practical solutions to real-world challenges, straight from experts who conquered them.
View all our articles