Close

Not a member yet? Register now and get started.

lock and key

Sign in to your account.

Account Login

Forgot your password?

Fwd: [i-network] [Action requise] cyber security situational awareness (Reports from CA?)

13 Sep Posted by in kictanet | Comments
Listers,

Just following this from our semejis or is it shemjis across the border. Is it possible for CA to avail this kind of reports to the community?

Regards

———- Forwarded message ———-
From: Margaret Sevume <sevume@i-network.or.ug>
Date: Tue, Sep 12, 2017 at 2:25 PM
Subject: [i-network] [Action requise] cyber security situational awareness
To: I-Network Uganda <i-network@dgroups.org>

From Uganda Computer Emergency Response Team CERT (UCC) …….

Good morning Ladies and Gentlemen,

 

The CERT maintains a research honeypot which is run to gather information about the motives and tactics of  hacker  communities targeting different networks. The primary objective of the honeypot is to provide cyber security situational intelligence and also to research the threats that operators face and to learn how to better protect against those threats.

From the gathered information we note that at one any time we are under attack either directly or indirectly.

 

Over the last 24 hours we see persistent  attacks from the following sources (countries). This information confirms the fact that cyber-attacks are real happenings and are a global problem.

 

 

Country

Count

1

China

1,728

2

Brazil

785

3

Ukraine

734

4

United States

727

5

Russia

674

6

France

655

7

Czechia

635

8

Argentina

468

9

Iraq

378

10

Mexico

295

 

We note the attacks are geared towards the following ports, with traffic mismatch. For example we note SIP traffic being routed to port 80, yet SIP traffic uses port 5060 and 5061 for communications.

 

dest_port

count

22

4262

23

1481

80

1325

5060

1201

5358

145

3389

122

2323

77

8080

72

8545

65

443

57

 

 

Similarly, we note the following usernames /passwords  are the most commonly used for attempted account hijacking;

 

Top Usernames

Top Passwords

1

Admin

support

2

Support

admin

3

User

password

4

Administrator

1234

5

Default

Default

 

We strongly encourage you to avoid using the above usernames or passwords as they are the most commonly used for account hijacking. Most computing devices use the above usernames by default, it is recommended you change the usernames to those that are not easily guessed or used.

Regards

cid:image001.png@01D1F7B2.828CF410

COMPUTER EMERGENCY RESPONSE TEAM

Uganda Communications Commission

42-44, Spring Road – Bugolobi,  P.O Box 7376 Kampala.

Toll free: 0800 133 911   www.ug-cert.ug

cid:image002.png@01D1EF38.16ED9110 cid:image003.png@01D1EF38.16ED9110

 

 

You are receiving this message because you are a leader of the community I-Network Uganda. All community leaders receive these notifications immediately regardless of their email settings for this community.

MAILING LIST RULES – http://www.i-network.or.ug/index.php?option=com_content&view=article&id=189&Itemid=193

WEEKLY DISCUSSION ROUNDUPS – http://www.i-network.or.ug/index.php?option=com_content&view=category&id=191&Itemid=208

QUARTERLY eNEWSLETTERS – http://www.i-network.or.ug/index.php?option=com_content&view=section&id=34&Itemid=194

WEBSITE – www.i-network.or.ug

TWITTER – http://twitter.com/inetwork

FACEBOOK – https://www.facebook.com/inetwork.ug

The I-Network Dgroup is a platform for ICT Knowledge Sharing

———————————————————————————
Visit [web site]( http://dgroups.org/iicd/i-network/ )
Click [here]( mailto:leave.i-network@dgroups.org ) to unsubscribe
The email is intended only for the recipients. The owners of the Dgroups cannot be held responsible for the contents of the email message.



Barrack O. Otieno
+254721325277
+254733206359
Skype: barrack.otieno
PGP ID: 0x2611D86A
 


 


Leave a comment

Please sign in to leave a comment.