[kictanet] Fwd: [i-network] [Action requise] cyber security situational awareness (Reports from CA?)

Barrack Otieno otieno.barrack at gmail.com
Wed Sep 13 09:58:08 EAT 2017 

Listers,

Just following this from our semejis or is it shemjis across the border. Is
it possible for CA to avail this kind of reports to the community?

Regards
---------- Forwarded message ----------
From: Margaret Sevume <sevume at i-network.or.ug>
Date: Tue, Sep 12, 2017 at 2:25 PM
Subject: [i-network] [Action requise] cyber security situational awareness
To: I-Network Uganda <i-network at dgroups.org>


>From Uganda Computer Emergency Response Team CERT (UCC) …….

Good morning Ladies and Gentlemen,



The CERT maintains a research honeypot which is run to gather information
about the motives and tactics of  hacker  communities targeting different
networks. The primary objective of the honeypot is to provide cyber
security situational intelligence and also to research the threats that
operators face and to learn how to better protect against those threats.

>From the gathered information we note that at one any time we are under
attack either directly or indirectly.



Over the last 24 hours we see *persistent  attacks* from the following
sources (countries). This information confirms the fact that cyber-attacks
are real happenings and are a global problem.





*Country *

*Count*

1

China

1,728

2

Brazil

785

3

Ukraine

734

4

United States

727

5

Russia

674

6

France

655

7

Czechia

635

8

Argentina

468

9

Iraq

378

10

Mexico

295



We note the attacks are geared towards the following ports, with traffic
mismatch. For example we note SIP traffic being routed to port 80, yet SIP
traffic uses port 5060 and 5061 for communications.



*dest_port*

*count*

22

4262

23

1481

80

1325

5060

1201

5358

145

3389

122

2323

77

8080

72

8545

65

443

57





Similarly, we note the following usernames /passwords  are the most
commonly used for attempted account hijacking;



*Top Usernames *

*Top Passwords*

1

Admin

support

2

Support

admin

3

User

password

4

Administrator

1234

5

Default

Default



We strongly encourage you to avoid using the above usernames or passwords
as they are the most commonly used for account hijacking. Most computing
devices use the above usernames by default, it is recommended you change
the usernames to those that are not easily guessed or used.

Regards

[image: cid:image001.png at 01D1F7B2.828CF410]

*COMPUTER EMERGENCY RESPONSE TEAM *

Uganda Communications Commission

42-44, Spring Road - Bugolobi
<https://maps.google.com/?q=42-44,+Spring+Road+-+Bugolobi&entry=gmail&source=g>,
P.O Box 7376 Kampala.

Toll free: 0800 133 911   *www.ug-cert.ug <http://www.ug-cert.ug>*

[image: cid:image002.png at 01D1EF38.16ED9110]
<https://www.facebook.com/UgCERT> [image:
cid:image003.png at 01D1EF38.16ED9110] <https://twitter.com/UgCERT>





You are receiving this message because you are a leader of the
community I-Network
Uganda <https://dgroups.org/iicd/i-network>. All community leaders receive
these notifications immediately regardless of their email settings for this
community.
MAILING LIST RULES - http://www.i-network.or.ug/
index.php?option=com_content&view=article&id=189&Itemid=193

WEEKLY DISCUSSION ROUNDUPS - http://www.i-network.or.ug/
index.php?option=com_content&view=category&id=191&Itemid=208

QUARTERLY eNEWSLETTERS - http://www.i-network.or.ug/
index.php?option=com_content&view=section&id=34&Itemid=194

WEBSITE - www.i-network.or.ug

TWITTER - http://twitter.com/inetwork

FACEBOOK - https://www.facebook.com/inetwork.ug

The I-Network Dgroup is a platform for ICT Knowledge Sharing


------------------------------------------------------------
---------------------
Visit [web site]( http://dgroups.org/iicd/i-network/ )
Click [here]( mailto:leave.i-network at dgroups.org ) to unsubscribe
The email is intended only for the recipients. The owners of the Dgroups
cannot be held responsible for the contents of the email message.






-- 
Barrack O. Otieno
+254721325277
+254733206359
Skype: barrack.otieno
PGP ID: 0x2611D86A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170913/51687eef/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 3655 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170913/51687eef/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 9894 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170913/51687eef/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 3489 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170913/51687eef/attachment-0002.png>

More information about the KICTANet mailing list