Cyber Threats Targeting Russia, Winter 2019
ATT&CK techniques detected
T1046Network Service Discovery
99%
“##zer online gmbh as a top attacking asn in both geographic regions. rounding out the top ten asns were those that often used more distributed ip addresses in order to conduct abusive port scanning, which is typically associated with network reconnaissance looking for vulnerabili…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1046Network Service Discovery
97%
“2019 through december 31, 2019. we saw the ip address tied to this asn conducing abusive port scanning directed towards smb port 445 and other common ports such as ssh port 22. access granted by exploiting a vulnerability in either protocol could spill a lot of information about …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
The Russian threat landscape is unique from other regions of the world in that it had the most unique attacking IP addresses.