“out of 50 of the top attacking ip addresses also came from within europe. ip addresses assigned to france headed the top attacking source countries list, accounting for 11 % of the total malicious traffic directed in region. this is closely followed by ip addresses assigned in it…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1046Network Service Discovery
73%
“ip addresses on the top 50 attacking ip addresses list were engaging in the same multi - port scanning behavior, many of which were dutch, french, russian, and moldovan. 1 similar to the top source traffic countries list, most of the top attacking ip addresses come from within eu…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
72%
“regional threat perspectives, fall 2019 : europe f5 labs, in conjunction with our partner baffin bay networks, researches global attack traffic region to region to gain a deeper understanding of the cyber threat landscape. aside from attack campaigns targeting the entire internet…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
64%
“a normalized 92, 000 attacks, no other ip addresses in ukraine or ireland were in the top attacking ip address list, discussed later. this indicates that attacks coming from ip addresses in those countries were more distributed ; that is, they were launched from many ip addresses…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
62%
“ports vnc 5900 was the top attacked port in europe and in all regions globally from august 1, 2019 through october 31, 2019. this activity is not typical, hence the investigative threat hunting we are doing on twitter mentioned previously. smb port 445 is in second position for s…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110Brute Force
51%
“in the same region, the european and the russian threat landscapes saw little overlap in terms of specific ip addresses sending malicious traffic. eighteen percent of the top attacking ip addresses sending malicious traffic to europe were unique to europe, while 16 % of that top …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.004Credential Stuffing
44%
“in the same region, the european and the russian threat landscapes saw little overlap in terms of specific ip addresses sending malicious traffic. eighteen percent of the top attacking ip addresses sending malicious traffic to europe were unique to europe, while 16 % of that top …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1046Network Service Discovery
31%
“europe saw the most regional attack traffic, with 50 % of the top 20 source traffic countries originating in europe. along with that, 64 % of the normalized attack traffic was in - region, making it difficult for organizations to filter malicious traffic. - the top ip address lau…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Europe saw more in-region attack traffic—the hardest kind to filter out—than any of the 8 regions of the world we analyzed.