Monthly Top 10 Countries – Sept. 2022 Unique active DDoS botnet hosts detected: 🇨🇳 China: 40,202 🇰🇷 South Korea: 8,104 🇮🇳 India: 5,262 🇹🇼 Taiwan: 3,877 🇪🇬 Egypt: 3,544 🇺🇸 United States: 3,129 🇧🇷 Brazil: 3,034 🇷🇺 Russia: 2,456 🇯🇵 Japan: 2,130 🇹🇭 Thailand: 1,341 #threatintel

⚠️ CVE-2022-41082 event detected ⚠️ Source IP: 80.78.25.253 (🇸🇪) Target: Microsoft Exchange servers vulnerable to remote code execution. #ProxyNotShell #threatintel

Mass scanning activity detected from multiple hosts targeting Fortinet products (FortiOS, FortiProxy, and FortiSwitchManager) vulnerable to authentication bypass (CVE-2022-40684). Vendor advisory: fortiguard.com/psirt/FG-IR-22… PoC: horizon3.ai/fortios-fortip… #threatintel

⚠️ CVE-2022-40684 event detected ⚠️ Source IP: 91.211.16.202 (🇷🇺) Target: Multiple Fortinet products (FortiOS, FortiProxy, and FortiSwitchManager) vulnerable to authentication bypass (nvd.nist.gov/vuln/detail/CV…). #threatintel

Monthly Top 10 Countries – Oct. 2022 Unique active DDoS botnet hosts detected: 🇨🇳 China: 40,612 🇰🇷 South Korea: 8,599 🇮🇳 India: 6,810 🇹🇼 Taiwan: 5,408 🇺🇸 United States: 3,236 🇧🇷 Brazil: 2,938 🇹🇭 Thailand: 2,477 🇷🇺 Russia: 2,379 🇯🇵 Japan: 1,784 🇪🇬 Egypt: 1,767 #threatintel

Monthly Top 10 Countries – Nov. 2022 Unique active DDoS botnet hosts detected: 🇨🇳 China: 33,714 🇹🇼 Taiwan: 6,910 🇮🇳 India: 6,810 🇰🇷 South Korea: 6,487 🇺🇸 United States: 4,501 🇧🇷 Brazil: 2,737 🇷🇺 Russia: 2,392 🇯🇵 Japan: 1,834 🇹🇷 Turkey: 1,048 🇮🇹 Italy: 1,047 #threatintel

Drop all traffic from AS207812 (🇧🇬) – 79.124.62.0/24

Yearly Top 10 Countries – 2022 Unique active DDoS botnet hosts detected: 🇨🇳 China: 285,785 🇮🇳 India: 51,270 🇹🇼 Taiwan: 36,045 🇰🇷 South Korea: 35,462 🇧🇷 Brazil: 27,681 🇺🇸 United States: 26,875 🇷🇺 Russia: 23,592 🇪🇬 Egypt: 23,050 🇯🇵 Japan: 17,716 🇲🇽 Mexico: 13,517 #threatintel

Weekly Top 10 Countries Unique active DDoS botnet hosts detected: 🇨🇳 China: 13,480 🇰🇷 South Korea: 3,479 🇹🇼 Taiwan: 3,469 🇮🇳 India: 2,664 🇺🇸 United States: 2,151 🇧🇷 Brazil: 1,454 🇷🇺 Russia: 1,012 🇮🇹 Italy: 622 🇻🇳 Vietnam: 507 🇯🇵 Japan: 499 #threatintel

⚠️ CVE-2022-40684 event detected ⚠️ Source IP: 185.205.209.236 (🇧🇬) Target: Multiple Fortinet products (FortiOS, FortiProxy, and FortiSwitchManager) vulnerable to authentication bypass. #threatintel

Drop all traffic from AS204428 (🇧🇬)

⚠️ CVE-2020-5902 event detected ⚠️ Source IP: 45.128.232.181 (🇳🇱) Payload: http:// 192 . 161 . 55 . 115/ljc.sh Target: F5 BIG-IP Traffic Management User Interface (TMUI) endpoints vulnerable to remote code execution. #threatintel

.Cybersecurity and Infrastructure Security Agency has added ten new vulnerabilities to its KEV Catalog, based on evidence of active exploitation: CVE-2023-0266 CVE-2022-42948 CVE-2022-39197 CVE-2022-38181 CVE-2022-3038 CVE-2022-22706 CVE-2021-30900 CVE-2017-7494 CVE-2014-1776 CVE-2013-3163 cisa.gov/known-exploite…

Monthly Top 10 Countries – April 2023 Unique active DDoS botnet hosts detected: 🇨🇳 China: 36,151 🇮🇳 India: 9,598 🇻🇳 Vietnam: 5,872 🇰🇷 South Korea: 4,519 🇹🇼 Taiwan: 4,179 🇧🇷 Brazil: 3,701 🇺🇸 United States: 3,011 🇷🇺 Russia: 2,264 🇦🇷 Argentina: 1,353 🇪🇬 Egypt: 1,178 #threatintel

The 2023 #DBIR is almost here! Verizon DBIR is hosting webinar on June 6th to discuss key findings: verizon.com/business/resou…

“The hidden code is meant to be an innocuous tool to keep the motherboard’s firmware updated, researchers found that it’s implemented insecurely, potentially allowing the mechanism to be hijacked and used to install malware instead.” wired.com/story/gigabyte…

Monthly Top 10 Countries – May 2023 Unique active DDoS botnet hosts detected: 🇨🇳 China: 33,183 🇮🇳 India: 12,885 🇧🇷 Brazil: 5,312 🇰🇷 South Korea: 4,705 🇺🇸 United States: 3,805 🇹🇼 Taiwan: 3,630 🇻🇪 Venezuela: 2,371 🇷🇺 Russia: 2,274 🇦🇷 Argentina: 2,203 🇻🇳 Vietnam: 2,006 #threatintel

We’re excited to share Verizon Business has finally dropped the 2023 Data Breach Investigations Report. Read up on all the latest cybersecurity intel, trends and advanced preventative measures. Download your copy here: vzbiz.biz/dbir-partner #DBIR

Drop all traffic from 109.205.213.0/24 (🇦🇿/🇬🇧/🇺🇸)* ____ *Geolocation vendors don't agree. Hosts associated with this netblock are physically located in 🇺🇸.

Bad Packets is giving away a BSides Las Vegas ticket. Drop a comment below for a chance to win! Rules: One winner selected at random. No purchase necessary to enter. Government employees ineligible to participate. Void where prohibited. Winner will be announced on July 28th.