CyberSolace constantly monitors and defends against attacks on its website. However, since December 2018 we noticed a big surge in the number of attacks hitting our website and decided to note and log all attempts with the view to share that information with our clients and site visitors. Hopefully, casting some light on the persistent IP sources behind those attacks and the relevant indicators which may benefit anyone interested to defend their website.
Overall, we found that the nature of the attacks is not very sophisticated and mostly relying on simple brute-force attempts on the administrator login of the website. E.g. using ‘admin’ as username ‘123’ as password in the attempts. On very few occasions the attackers tried to upload malicious files or conduct SQL injections. Nonetheless we thought it may be helpful to share the sources and indicators of the attacks to help defenders blacklist or block the source IP addresses proactively if they so wished.
We will aim to keep the list updated over time.
Click the button below to access the tool.