Top Attacks (past 24 hours)

| Description | Attacks per subnet | Change from yesterday | CVE | Percentage |
|---|---|---|---|---|
| POLICY Reserved IP Space Traffic - Bogon Nets 1 | 281.69 | -3.7 % | | 22.6% |
| Microsoft SQL Server version buffer overflow attempt | 281.44 | +1.8 % | CVE-2002-0649 | 22.5% |
| POLICY Reserved IP Space Traffic - Bogon Nets 2 | 183.81 | -5.0 % | | 14.7% |
| MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/5.0) | 174.61 | -4.4 % | | 14.0% |
| VNC network scanning activity | 65.49 | -16.8 % | | 5.2% |

| Description | Attacks per subnet | Change from yesterday | CVE | Percentage |
|---|---|---|---|---|
| Microsoft Windows IIS Server Translate Header attempt | 30.19 | +60.3 % | CVE-2000-0778 | 2.4% |
| Setup.php access | 17.19 | +45.6 % | | 1.4% |
| MYSQL brute-force login attempts | 18.36 | +35.4 % | | 1.5% |
Top Scanned Services (past 24 hours)

| Description | Traffic per subnet | Change from yesterday | Latest CVE | Percentage |
|---|---|---|---|---|
| TCP/445 (microsoft-ds) | 235.70 kB | -3.9 % | CVE-2009-3103 | 17.8% |
| TCP/23 (telnet) | 139.45 kB | -3.0 % | CVE-2007-0956 | 10.5% |
| UDP/5060 (sip) | 122.50 kB | -45.9 % | CVE-2006-0189 | 9.2% |
| UDP/10320 | 99.56 kB | +100.0 % | | 7.5% |
| UDP/1434 (ms-sql-m) | 84.08 kB | +0.9 % | CVE-2002-0649 | 6.3% |

| Description | Traffic per subnet | Change from yesterday | Latest CVE | Percentage |
|---|---|---|---|---|
| TCP/8080 (webcache) | 20.51 kB | +111.8 % | CVE-2007-5461 | 1.5% |
| UDP/10320 | 99.56 kB | +100.0 % | | 7.5% |
| TCP/21 (ftp) | 16.17 kB | +100.0 % | CVE-2009-3023 | 1.2% |
| TCP/3128 (squid) | 11.61 kB | +100.0 % | CVE-2007-0247 | 0.9% |
| TCP/4899 (radmin-port) | 42.78 kB | +68.0 % | | 3.2% |
Top Threat Sources (past 24 hours)

| Country | Rank | Attacks per subnet | Scans per subnet | Botnets | Phishing | DoS |
|---|---|---|---|---|---|---|
| US (United States) | 1 | 56 | 220.22 kB | 1071 | 25230 | 88 |
| AU (Australia) | 2 | 2 | 9.00 kB | 11 | 10142 | 0 |
| NL (Netherlands) | 3 | 26 | 22.93 kB | 156 | 8126 | 2 |
| BR (Brazil) | 4 | 25 | 14.29 kB | 13 | 7025 | 24 |
| CN (China) | 5 | 368 | 172.79 kB | 63 | 161 | 99 |
| SE (Sweden) | 6 | 1 | 6.72 kB | 43 | 3788 | 1 |
| DE (Germany) | 7 | 9 | 43.91 kB | 207 | 2021 | 4 |
| RU (Russian Federation) | 8 | 83 | 65.35 kB | 82 | 1255 | 2 |
| PL (Poland) | 9 | 7 | 18.11 kB | 15 | 2687 | 0 |
| FR (France) | 10 | 19 | 17.38 kB | 132 | 2149 | 114 |
| GB (Great Britain) | 11 | 15 | 33.39 kB | 139 | 1798 | 13 |
| CA (Canada) | 12 | 3 | 7.84 kB | 76 | 2571 | 0 |
| TR (Turkey) | 13 | 199 | 64.12 kB | 78 | 401 | 6 |
| IT (Italy) | 14 | 13 | 32.47 kB | 24 | 1319 | 0 |
| KR (South Korea) | 15 | 20 | 63.82 kB | 17 | 93 | 39 |
| HK (Hong Kong) | 16 | 4 | 63.91 kB | 7 | 109 | 0 |
| TW (Taiwan) | 17 | 54 | 47.93 kB | 5 | 232 | 18 |
| ID (Indonesia) | 18 | 25 | 51.98 kB | 16 | 150 | 1 |
| ES (Spain) | 19 | 2 | 31.85 kB | 21 | 438 | 3 |
| RO (Romania) | 20 | 46 | 21.50 kB | 13 | 456 | 0 |

| ASN | Rank | Attacks per subnet | Scans per subnet | Botnets | Phishing | DoS |
|---|---|---|---|---|---|---|
| AS10143 (EXETEL-AS-AP) | 1 | 0 | 0 B | 0 | 9301 | 0 |
| AS44557 (DRAGONARA) | 2 | 0 | 0 B | 0 | 7252 | 0 |
| AS28299 (CYBERWEB) | 3 | 0 | 0 B | 0 | 5985 | 0 |
| AS36351 (SOFTLAYER) | 4 | 8 | 2.71 kB | 10 | 3718 | 1 |
| AS33837 (PRQ-AS) | 5 | 0 | 0 B | 0 | 3618 | 0 |
| AS15244 (ADDD2NET-COM-INC-DBA-LUNARPAGES) | 6 | 0 | 0 B | 0 | 3459 | 0 |
| AS4134 (CHINANET-BACKBONE) | 7 | 204 | 88.74 kB | 25 | 0 | 74 |
| AS32475 (SINGLEHOP-INC) | 8 | 0 | 3.61 kB | 6 | 2248 | 0 |
| AS16138 (INTERIAPL) | 9 | 0 | 0 B | 0 | 1907 | 0 |
| AS9381 (NEWTT-IP-AP) | 10 | 0 | 59.91 kB | 0 | 0 | 0 |
| AS16276 (OVH) | 11 | 0 | 0 B | 72 | 1591 | 4 |
| AS32613 (IWEB-AS) | 12 | 0 | 0 B | 0 | 1682 | 0 |
| AS14618 (AMAZON-AES) | 13 | 0 | 0 B | 0 | 1606 | 0 |
| AS9121 (TTNET) | 14 | 0 | 50.42 kB | 20 | 0 | 4 |
| AS46475 (LIMESTONENETWORKS) | 15 | 0 | 39.57 kB | 7 | 231 | 0 |
| AS3462 (HINET) | 16 | 35 | 44.82 kB | 0 | 0 | 0 |
| AS21844 (THEPLANET-AS) | 17 | 0 | 2.88 kB | 27 | 1038 | 52 |
| AS17974 (TELKOMNET-AS2-AP) | 18 | 0 | 42.89 kB | 0 | 0 | 0 |
| AS9394 (CRNET) | 19 | 85 | 31.01 kB | 0 | 0 | 0 |
| AS12322 (PROXAD) | 20 | 0 | 10.89 kB | 11 | 402 | 110 |
ASERT Security Intelligence
Summary: Critical infrastructure connectivity continues to increase risk, as demonstrated by a large number of industrial control systems being Internet accessible, some without authentication. News reports indicate that railways may have been attacked, although these attacks may have been of low significance and not targeted. Corporate boardroom videoconference systems have taken a blow as a researcher demonstrates various insecurities that allow eavesdropping. Symantec suggests temporarily disabling pcAnywhere software as a result of a source code leak increasing security risks, and US-CERT issues a Cyber Security Alert related to widespread DDoS attacks with various Anonymous DDoS tools and tactics.
Title: Symantec tells customers to disable pcAnywhere software | Reuters
Severity Level: High Severity
Published: Wed, 25 Jan 2012 19:18:20 +0000
Symantec recommends that customers temporarily disable pcAnywhere software due to a source code leak.
Source: Symantec tells customers to disable pcAnywhere software | Reuters
Title: Hacking boardroom videoconferencing systems | Naked Security
Severity Level: Elevated Severity
Published: Wed, 25 Jan 2012 19:18:20 +0000
Videoconferencing systems may be vulnerable to eavesdropping attacks.
Source: Hacking boardroom videoconferencing systems | Naked Security
Title: 10K Reasons to Worry About Critical Infrastructure | Threat Level | Wi ...
Severity Level: Normal Severity
Published: Wed, 25 Jan 2012 19:18:20 +0000
Security researcher reveals many industrial control systems connected to the Internet.
Source: 10K Reasons to Worry About Critical Infrastructure | Threat Level | Wi ...
Title: Hackers Breached Railway Network, Disrupted Service | Threat Level | ...
Severity Level: Normal Severity
Published: Wed, 25 Jan 2012 19:18:20 +0000
News reports indicate that attackers have breached the security of railway transportation systems; however, details indicate that this may not have been a targeted attack.
Source: Hackers Breached Railway Network, Disrupted Service | Threat Level | ...
What Will Trigger Widespread Worldwide IPv6 Deployment?
Everyone is wondering when IPv6 will actually be deployed in earnest on the global Internet. While there are a handful of enterprises that have extensive internal IPv6 deployments, the ratio of IPv6 to IPv4 traffic in the global Internet is still very small (See “World IPv6 Day: Final Look and “Wagon’s Ho!”). I have a [...]
Tue, 06 Dec 2011 14:20:49 +0000
The importance of DARPA funding
As many of you know, Arbor Networks was founded in 2000 in order to commercialize research I did as a graduate student with Farnam Jahanian, my advisor at the electrical engineering and computer science department at the University of Michigan. The research we did, and everything that followed, would not have been possible without a [...]
Wed, 09 Nov 2011 20:23:59 +0000
Cloud Signaling: From napkin to networks
Long time comin’! Cloud Signaling! Man… what a long time coming! I remember drawing the concept for cloud signaling at a Denny’s at about 1:30 in the morning way back in the Spring of 1999. Arbor wasn’t even incorporated at the time, but Farnam and I were talking about being able to hit a ‘big [...]
Thu, 03 Nov 2011 17:30:09 +0000
A major event took place in Sao Paulo, Brazil last month. No, I’m not referring to the Miss Universe Pageant that also happened at the same time at the Hilton in Sao Paulo. I’m referring to the Futurecom held at the Transamerica Expo. Futurecom is definitely the premier technology exposition in Brazil and in my [...]
Mon, 10 Oct 2011 11:19:25 +0000
Arbor Networks at Virus Bulletin 2011
Arbor’s ASERT team has a paper at this year’s Virus Bulletin conference in Barcelona, Spain. The paper, by Arbor’s Jeff Edwards and Jose Nazario, is titled A survey of Chinese DDoS malware and is based on some of the detailed analysis we did as part of the development of the ATLAS intelligence feed or AIF. [...]
Wed, 05 Oct 2011 19:44:25 +0000
