Home
/
Blog

Emerging Threats and Vulnerabilities in Cybersecurity

June 3, 2021
By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Loginsoft Research Team has been monitoring several exploits from the dedicated servers that were deployed globally for the purpose of threat discovery. The team analyzes and enriches this data to identify behavior, methods and intent of the Threat actors. The following observations can be summarized from the analyzed data.

This blog provides the key findings on the most impactful and evolving threats identified by our team. The Threat Intelligence data used for this analysis was generated from the first Quarter (Q1) 2021. We ensured that no sensitive information was disclosed or recorded during our scans to confirm the vulnerability.

What are the top 10 popular exploits identified?

We observed multiple exploitation attempts during our scans. While CVE-2018-10562(21.87%) is most vulnerable to attacks, CVE-2015-2051(16.47%) is second most vulnerable to attacks followed by CVE-2014-8361(15.14%) and others.

Following Pie chart illustrates the statistical analysis of the most popular exploits attempted.

Top 10 popular exploits identified

Given below are our observations on the percentage of attacks on the network endpoint devices by threat actors:

Following Pie chart presents the top 10 popular choices for targets by attackers.

Top 10 popular choices for targets by the attacker

Loginsoft Key Findings:

Below is a list of exploited key findings.

table { border-collapse: collapse; width: 100%; margin: 20px 0; border-radius: 8px; font-family: 'DM Sans', sans-serif; /* Webflow-friendly font */ font-size: 14px; color: #1a313f; } th, td { padding: 8px 20px; border: 1px solid rgba(255, 255, 255, 0.2); text-align: left; } th { font-weight: bold; background-color: rgb(26 49 63); color: #FFF; } tr:nth-child(odd) { background-color: rgba(0, 0, 0, 0.05); /* Added subtle banding for visual clarity */ }
No Top 10 CVEs Top 10 Targets Platforms Top 10 User Agents
1 CVE-2018-10562 (21.87%) MV Power Digital Video Recorders (29.56%) Hello, World (43.9%)
2 CVE-2015- 2051 (16.47%) Dasan GPON Home Routers (10.52%) Hello, World (21.39%)
3 CVE-2014- 8361 (15.14%) Netgear DGN1000 1.1.00.48 (10.25%) Hello-World (5.56%)
4 CVE-2016-6277 (11.34%) Eir D1000 Modems (9.13%) Mozilla/4.0
(Compatible, SIE 6.0; Windows NT 5.1) (5.27%)
5 CVE-2016-10372 (11.07%) D-Link DIR-645 (7.5%) Go-http-client/1.1 (4.7%)
6 CVE-2015-1427 (6.85%) Realtek SDK (7.29%) Python Requests/2.20.0 (3.95%)
7 CVE-2013-7471 (6.69%) NETGEAR R6250 (5.08%) XTC (3.18%)
8 CVE-2020-8515 (1.98%) D-Link Services (3.23%) Python Requests/2.3.0 CPython/2.7.18 Windows /10 (0.72%)
9 CVE-2020-5722 (1.94%) Linksys E-Series (3.06%) Python Requests/2.25.1 (0.72%)
10 CVE-2017-17215 (1.64%) Vacron NVR devices (3.06%) Python Requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1127.e17.x86_84 (0.69%)
11 Others (5.02%) Others (11.33%) Others (9.94%)

What are the top 10 most commonly observed user agents?

Our Research team also found that Go-http-client and Python Requests, among others, were often the user agents used in the attacks.

Following Pie chart presents the top 10 most commonly observed user-agents.

Top 10 most commonly observed user agents

During our analysis, our team identified the Origination of Threats from different regions across the globe. Please note that these regions do not indicate the physical location of the threat actors; instead, they indicate the location of the hosting servers used by threat actors around the world.

Following is the information on threat origination across the regions:

table { border-collapse: collapse; width: 100%; margin: 20px 0; border-radius: 8px; font-family: 'DM Sans', sans-serif; /* Webflow-friendly font */ font-size: 14px; color: #1a313f; } th, td { padding: 8px 20px; border: 1px solid rgba(255, 255, 255, 0.2); text-align: left; } th { font-weight: bold; background-color: rgb(26 49 63); color: #FFF; } tr:nth-child(odd) { background-color: rgba(0, 0, 0, 0.05); /* Added subtle banding for visual clarity */ }
Regions CoveredOrigination of Threats (%)
America8.06%
Europe9.44%
Asia58.15%
Africa7.78%
Others 13.9%

Get notified

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

BLOGS AND RESOURCES

Latest Articles

View all our articles →
RansomHub Revealed: Threats, Tools, and Tactics

December 9, 2024

The Rise of INTERLOCK Ransomware

November 13, 2024

Fortifying the Cloud: A Guide to Securing Vulnerable Cloud Environments

October 23, 2024

Cybersecurity Solutions
Vulnerability IntelligenceSecurity & Threat Intelligence IntegrationsVulnerability & Configuration ManagementOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoveryThreat IntelligenceExternal Attack Surface DiscoveryCloud Security Posture ManagementCloud Workload Protection
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy