Application Protection Report 2019, Episode 1: PHP Reconnaissance
ATT&CK techniques detected
T1190Exploit Public-Facing Application
88%
"huge proportion ( 37 % ) of the total traffic, at 24 % and 13 % of the entire traffic over the year. furthermore, all of the traffic from these two ips was pointed at the seven pma paths. by contrast, no other single ip accounted for anything near as much traffic, nor did any oth…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
36%
"side language that ’ s been used in 80 % of sites on the web since 2013. 1 it underpins several of the largest web applications in the world, including wordpress and facebook. 2 this prevalence, particularly among beginning web developers, also makes it a big target. from a secur…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Analysis of sensor data from 2018 revealed a big focus on PHP generally, and specifically a large, unsophisticated reconnaissance campaign looking for unsecured databases with PHP front ends.