7/31/2019 CheckPoint 7-20-2012 Daily Anti-Bot & Anti-Virus Report
Malware Report
July 20, 2012 12:00 AM - July 20, 2012 10:40 AM
Generated by Check Point SmartEvent, on July 20, 2012 10:40 AM
Protected Hosts
3 Hosts Involved in Malicious Activity
1 Detected Malware
Infected Hosts By Infection Duration
Less than a Day: 3 Hosts
Top Malware By Number of Hosts
Operator.JitteryPictur... 3 Hosts
Incidents between Jul 20 to Jul 20
Total Critical & High severity incidents
[Chart: Total Critical & High severity incidents, Fri 05:30 to Fri 09:30]
5 Malicious Incidents
Prevent / Detect (Policy can be modified to prevent more or all incident types)
5 Prevented
0 Detected
0B Total Sent
0B Total Received
Communication with C&C: 5
Table of Contents
Top Hosts Involved in Malicious Activity
Top Malware
Top Activities and their Top Hosts
Top Protection Types and their Top Malware
Malware Activity
Infected Hosts by Infection Duration
Top Destination Countries
Malware News
Top Hosts Involved in Malicious Activity
Policy can be modified to prevent more or all incident types
By Number of Incidents
[Bar chart: number of incidents per host]
Machine Name    Num. of Incidents  Prevented  Detected  Sent Traffic  Received Traffic
172.25.104.188  2                  2          0         0B            0B
172.25.104.230  2                  2          0         0B            0B
172.25.104.64   1                  1          0         0B            0B
Total (3)       5                  5          0         0B            0B
By Sent Traffic (Bytes)
[Bar chart: sent traffic per host]
Machine Name    Sent Traffic  Received Traffic  Num. of Incidents  Prevented  Detected
172.25.104.64   0B            0B                1                  1          0
172.25.104.188  0B            0B                2                  2          0
172.25.104.230  0B            0B                2                  2          0
Total (3)       0B            0B                5                  5          0
Top Malware
By Number of Incidents
[Bar chart: number of incidents per malware]
Malware Name               Num. of Incidents  Num. of Hosts  Comment
Operator.JitteryPicture.d  5                  3              Post Infection
By Sent Traffic (Bytes)
[Bar chart: sent traffic per malware]
Malware Name               Sent Traffic  Num. of Incidents  Num. of Hosts  Comment
Operator.JitteryPicture.d  0B            5                  3              Post Infection
Top Activities and their Top Hosts
Policy can be modified to prevent more or all incident types
Communication with C&C (100%)
Malware Activity: Communication with C&C
Machine Name    Num. of Incidents  Sent Traffic  Prevented  Detected
172.25.104.188  2                  0B            2          0
172.25.104.230  2                  0B            2          0
172.25.104.64   1                  0B            1          0
Total (3)       5                  0B            5          0
Top Protection Types and their Top Malware
Policy can be modified to prevent more or all incident types
URL Reputation (100%)
Protection Type  Malware Name               Num. of Incidents  Num. of Hosts  Sent Traffic  Prevented  Detected
URL Reputation   Operator.JitteryPicture.d  5                  3              0B            5          0
Malware Activity
[Chart: Num. of Incidents and Num. of Hosts over time, Fri 05:30 to Fri 09:30]
[Chart: Sent Traffic and Received Traffic over time, Fri 05:30 to Fri 09:30]
Activity Date      Num. of Incidents  Num. of Hosts  Sent Traffic  Received Traffic
Jul 20 2012 05:30  1                  1              0B            0B
Jul 20 2012 06:30  2                  2              0B            0B
Jul 20 2012 09:30  2                  2              0B            0B
Infected Hosts by Infection Duration
Machine Name Infected Since Num. of Incidents Sent Traffic Prevented Detected
172.25.104.64 Jul 20 2012 05:43 1 0B 1 0
172.25.104.230 Jul 20 2012 06:46 2 0B 2 0
172.25.104.188 Jul 20 2012 06:47 2 0B 2 0
Total (3) 5 0B 5 0
Top Destination Countries
Destination Country  Num. of Incidents  Num. of Hosts  Sent Traffic  Received Traffic
Germany              5                  3              0B            0B
Malware News
Internet connectivity is needed for this page to be dynamically updated
Latest Attacks
Anonymous shreds intelligence firm Stratfor
December 25, 2011 - Claimed that 200GB data stolen, with parts of it posted online including the company's extensive client list.
Anonymous Brazil attacks major Brazilian banks
February 7, 2012 - 10 different banks' websites were hit with a denial of service attack, including Banco do Brasil, HSBC and the Brazilian Central Bank.
AntiSec leaks Symantec pcAnywhere source code after $50k extortion not paid
February 7, 2012 - Hackers associated with Anonymous published online 1.27 GB of Symantec source code.
Did You Know?
Nearly 90% of spam activity is the result of bots
Although it may appear to be harmless, in most cases computers sending out spam are infected with bots which can later be used for other malicious purposes (e.g. data theft).
The TDL-4 indestructible botnet infected over 4.5 million computers in the first 3 months of 2011.
The bot leverages a publicly available peer-to-peer network to communicate with its remote operators, as well as affiliate programs as a key means of distribution. Its damages include data theft (such as bank account details and passwords), anonymous Internet access and massive click fraud.
Security breaches numbers, costs and APTs:
- 6 out of 10 enterprises experienced multiple security breaches in the past 12 months
- 4 out of 10 enterprises responded that overall breaches cost to the organization > $500k
- 60% of IT security professionals consider APT data breach as a key concern
Read more: Ponemon Perception About Network Security Survey (June 2011), Bit9 endpoint security survey Q3/2011
Product Related News
- 3D Security Analysis Report Tool - now supporting the new Anti-Bot and Anti-Virus software blades.