Listers, Just following this from our semejis or is it shemjis across the border. Is it possible for CA to avail this kind of reports to the community? Regards ---------- Forwarded message ---------- From: Margaret Sevume <sevume@i-network.or.ug> Date: Tue, Sep 12, 2017 at 2:25 PM Subject: [i-network] [Action requise] cyber security situational awareness To: I-Network Uganda <i-network@dgroups.org>
From Uganda Computer Emergency Response Team CERT (UCC) …….
Good morning Ladies and Gentlemen, The CERT maintains a research honeypot which is run to gather information about the motives and tactics of hacker communities targeting different networks. The primary objective of the honeypot is to provide cyber security situational intelligence and also to research the threats that operators face and to learn how to better protect against those threats.
From the gathered information we note that at one any time we are under attack either directly or indirectly.
Over the last 24 hours we see *persistent attacks* from the following sources (countries). This information confirms the fact that cyber-attacks are real happenings and are a global problem. *Country * *Count* 1 China 1,728 2 Brazil 785 3 Ukraine 734 4 United States 727 5 Russia 674 6 France 655 7 Czechia 635 8 Argentina 468 9 Iraq 378 10 Mexico 295 We note the attacks are geared towards the following ports, with traffic mismatch. For example we note SIP traffic being routed to port 80, yet SIP traffic uses port 5060 and 5061 for communications. *dest_port* *count* 22 4262 23 1481 80 1325 5060 1201 5358 145 3389 122 2323 77 8080 72 8545 65 443 57 Similarly, we note the following usernames /passwords are the most commonly used for attempted account hijacking; *Top Usernames * *Top Passwords* 1 Admin support 2 Support admin 3 User password 4 Administrator 1234 5 Default Default We strongly encourage you to avoid using the above usernames or passwords as they are the most commonly used for account hijacking. Most computing devices use the above usernames by default, it is recommended you change the usernames to those that are not easily guessed or used. Regards [image: cid:image001.png@01D1F7B2.828CF410] *COMPUTER EMERGENCY RESPONSE TEAM * Uganda Communications Commission 42-44, Spring Road - Bugolobi <https://maps.google.com/?q=42-44,+Spring+Road+-+Bugolobi&entry=gmail&source=g>, P.O Box 7376 Kampala. Toll free: 0800 133 911 *www.ug-cert.ug <http://www.ug-cert.ug>* [image: cid:image002.png@01D1EF38.16ED9110] <https://www.facebook.com/UgCERT> [image: cid:image003.png@01D1EF38.16ED9110] <https://twitter.com/UgCERT> You are receiving this message because you are a leader of the community I-Network Uganda <https://dgroups.org/iicd/i-network>. All community leaders receive these notifications immediately regardless of their email settings for this community. MAILING LIST RULES - http://www.i-network.or.ug/ index.php?option=com_content&view=article&id=189&Itemid=193 WEEKLY DISCUSSION ROUNDUPS - http://www.i-network.or.ug/ index.php?option=com_content&view=category&id=191&Itemid=208 QUARTERLY eNEWSLETTERS - http://www.i-network.or.ug/ index.php?option=com_content&view=section&id=34&Itemid=194 WEBSITE - www.i-network.or.ug TWITTER - http://twitter.com/inetwork FACEBOOK - https://www.facebook.com/inetwork.ug The I-Network Dgroup is a platform for ICT Knowledge Sharing ------------------------------------------------------------ --------------------- Visit [web site]( http://dgroups.org/iicd/i-network/ ) Click [here]( mailto:leave.i-network@dgroups.org ) to unsubscribe The email is intended only for the recipients. The owners of the Dgroups cannot be held responsible for the contents of the email message. -- Barrack O. Otieno +254721325277 +254733206359 Skype: barrack.otieno PGP ID: 0x2611D86A
