Loginsoft Research Team has been monitoring several exploits from the dedicated servers that were deployed globally for the purpose of threat discovery. The team analyzes and enriches this data to identify behavior, methods and intent of the Threat actors. The following observations can be summarized from the analyzed data.
This blog provides the key findings on the most impactful and evolving threats identified by our team. The Threat Intelligence data used for this analysis was generated from the first Quarter (Q1) 2021. We ensured that no sensitive information was disclosed or recorded during our scans to confirm the vulnerability.
We observed multiple exploitation attempts during our scans. While CVE-2018-10562(21.87%) is most vulnerable to attacks, CVE-2015-2051(16.47%) is second most vulnerable to attacks followed by CVE-2014-8361(15.14%) and others.
Following Pie chart illustrates the statistical analysis of the most popular exploits attempted.
Given below are our observations on the percentage of attacks on the network endpoint devices by threat actors:
Following Pie chart presents the top 10 popular choices for targets by attackers.
Below is a list of exploited key findings.
Our Research team also found that Go-http-client and Python Requests, among others, were often the user agents used in the attacks.
Following Pie chart presents the top 10 most commonly observed user-agents.
During our analysis, our team identified the Origination of Threats from different regions across the globe. Please note that these regions do not indicate the physical location of the threat actors; instead, they indicate the location of the hosting servers used by threat actors around the world.
Following is the information on threat origination across the regions:
IN-HOUSE EXPERTISE
Get practical solutions to real-world challenges, straight from experts who conquered them.
View all our articles