TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Cyberattacks Targeting Latin America, January through March 2021

2021-04-28 · Read original ↗

ATT&CK techniques detected

4 predictions
T1190Exploit Public-Facing Application
96%
"and known web vulnerabilities. modern enterprises need to ensure that they have up - to - date visibility into exposed services, strong authentication, and an efficient and effective patching policy. recommendations to mitigate the types of attacks discussed here, we recommend pu…"
T1046Network Service Discovery
94%
"of the top asns targeting latin america, january through march 2021. top targeted services and ports threat actors scanned a wide range of ports, but port 5900 ( used by vnc for remote desktop sharing and control ) had the highest number of hits at more than 108 million. the top …"
T1595.002Vulnerability Scanning
33%
"expected to be the most common for web probing, and this data set had 40, 505 hits. http posts came in second at 24, 628, followed by head probes at 1, 608. figure 4 shows the breakdown. top web cyberattackers web attacks originated from the following countries during the first t…"
T1190Exploit Public-Facing Application
32%
"##ius holding b. v. ( as50673 ) led the attack chart with over 47 million requests. - attacks on php and wordpress were the most commonly seen, but many other vulnerabilities were also detected. attack traffic details analysis of the traffic yielded significant insights into the …"

Summary

Latin America’s cyberattack landscape saw continued focus on port 5900 and the targeting of common web vulnerabilities.