Shellshock Activity Still Tracked to 138 Countries in Solutionary Q2 2015 SERT Threat Report

Shellshock Activity Still Tracked to 138 Countries in Solutionary Q2 2015 SERT Threat Report

ID: 409914

U.S. and China Lead Top Sources of Command and Control Traffic; 48 Percent of Top 25 Hostile Non-U.S. IP Addresses Are "Bruteforce" Repeat Offenders


(firmenpresse) - OMAHA, NE -- (Marketwired) -- 07/29/15 -- Solutionary, an NTT Group security company (NYSE: NTT) and the next-generation managed security services provider (MSSP), today announced the results of its Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2015. Solutionary SERT performed a broad analysis of the threat landscape, which unearthed several key findings. A year after the initial flurry of Shellshock activity, Solutionary identified several campaigns targeting the bash vulnerability during the latest quarter -- more than 600,000 events from 138 countries. The identified campaigns include Hidden C, China Z, Lucky Socks and the QNAP worm, designed typically to set up larger botnets under the control of the attacker and establish backdoors to systems to allow access to contents or further compromise. Among other highlights, Solutionary analysis found that the United States and China were the leading sources of command and control traffic, with 21 and 20 percent of the share. Additional research found that 48 percent of the top 25 hostile non-U.S. IP addresses are "Bruteforce" repeat offenders.

"The high volume of reconnaissance activity indicates a precursor of what's to come," said Rob Kraus, director of security research and strategy, Solutionary. "Cybercriminals are preying on existing vulnerabilities, including Shellshock, to plan future attacks. Despite the flurry of data breaches and targeted attacks, enterprises are failing to practice good security hygiene to mitigate and prevent similar attacks."



Shellshock was targeted more at education (38 percent) than at technology (17 percent), healthcare (six percent), finance (five percent) and manufacturing (five percent) combined. Overall, 600,000 events of Shellshock activity were discovered in 138 countries, originating from more than 25,000 IPs and 2,027 different service providers.

The U.S. and China led all countries in malicious command and control traffic, with 21 percent and 20 percent respectively.





From the top 25 hostile non-U.S. repeat IP addresses, "Bruteforcers" accounted for 48 percent of all malevolent activity. Solutionary saw a relatively large amount of SSH brute force attempts that targeted SSH usernames and passwords, often on systems that did not have "maximums" set. Successful brute forcing in this case could allow assailants to copy files, create directories, download content from remote sites and more.

The largest single source of malware threats, representing almost 46 percent of all malware, originated from the U.S. China and Ukraine followed with 26 percent and 12 percent, respectively, and Japan leapt up 14 places to fifth on the list.

Of the top 25 hostile non-U.S. repeat IP addresses, China accounted for 32 percent of total foreign attacks, followed by Germany (12 percent) and Hungary, France and Ukraine with eight percent, each.

Readers will find several sections in the report that provide timely, actionable information they can use to help protect against today's most malicious attack tactics and vectors.

To access a copy of the complete report, please visit:



Solutionary, an NTT Group security company (NYSE: NTT), is the next generation managed security services provider (MSSP), focused on delivering managed security services, security consulting services and global threat intelligence. Comprehensive Solutionary security monitoring and security device management services protect traditional and virtual IT infrastructures, cloud environments and mobile data. Solutionary clients are able to optimize current security programs, make informed security decisions, achieve regulatory compliance and reduce costs. The patented, cloud-based ActiveGuard® service platform uses multiple detection technologies and advanced analytics to protect against advanced threats. The Solutionary Security Engineering Research Team (SERT) researches the global threat landscape, providing actionable threat intelligence, enhanced threat detection and mitigating controls. Experienced, certified Solutionary security experts act as an extension of clients' internal teams, providing industry-leading client service to global enterprise and mid-market clients in a wide range of industries, including financial services, healthcare, retail and government. Services are delivered 24/7 through multiple state-of-the-art Security Operations Centers (SOCs).



PR Contact
10Fold Communications
Travis Anderson

925.271.8227


Themen in dieser Pressemitteilung:


Unternehmensinformation / Kurzprofil:
drucken  als PDF  an Freund senden  
Bereitgestellt von Benutzer: Marketwired
Datum: 29.07.2015 - 12:00 Uhr
Sprache: Deutsch
News-ID 409914
Anzahl Zeichen: 4243

contact information:
Town:

OMAHA, NE



Kategorie:



Diese Pressemitteilung wurde bisher 154 mal aufgerufen.


Die Pressemitteilung mit dem Titel:
"Shellshock Activity Still Tracked to 138 Countries in Solutionary Q2 2015 SERT Threat Report"
steht unter der journalistisch-redaktionellen Verantwortung von

Solutionary (Nachricht senden)

Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).


Alle Meldungen von Solutionary



 

Werbung



Sponsoren

foodir.org The food directory für Deutschland
News zu Snacks finden Sie auf Snackeo.
Informationen für Feinsnacker finden Sie hier.

Firmenverzeichniss

Firmen die firmenpresse für ihre Pressearbeit erfolgreich nutzen
1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z