Drupal and Oracle WebLogic also were hit with more cyberattacks during same quarter.

Dark Reading Staff, Dark Reading

October 10, 2018

1 Min Read

Cyberattacks targeting Microsoft Internet Information Services (IIS) increased from 2,000 in Q1 2018 to 1.7 million in Q2, marking a 782x increase.

The finding comes from a new threat report published today by eSentire, which discovered IIS, Drupal, and Oracle WebLogic technologies were all hit with more attacks in the second quarter. Researchers from eSentire Threat Intelligence learned there was a consistent number of attacks leveraging IIS and WebLogic exploits – about 200 per IP across organizations.

Most IIS and WebLogic attacks came from servers hosting Apache, RDP, IIS, SQL, and HTTP API services, they report. The majority of attacks targeting IIS Web servers came from IP addresses based in China, which, according to Shodan, holds 1 million of the 3.5 million total exposed IIS servers around the world. The compromised servers in IIS attacks mostly came from Tencent and Alibaba.

The report also describes patterns among the operating systems of attacking servers. Shodan's records of more than 400 malicious IPs indicate they were running Windows XP, 7, 8, 2008, and 2012. There were almost 350 FTP servers and more than 100 mail servers, along with VPN servers, MikroTik devices, Kangle, Squid, Jetty, and other less common Web technologies.

Read more details here.

BHEURUOPE2018-vplug_Web_Banners_468x60_Sponsor.png

 

 

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights