Threat Intelligence Feed — Tag: SMB

External threat actor at 154.0.30.234 (Côte d'Ivoire/AS37190) conducted extensive SMBv1 reconnaissance against network infrastructure over 18-day period ending March 5, 2026 21:00 UTC. Assessment: HIGH threat level with 85% confidence based on 60,881 events targeting legacy SMB protocols vulnerable…

Indonesian-based threat actor (36.68.34.81) conducted SMBv1 protocol reconnaissance against non-standard ports over a 26-hour period beginning March 2, 2026 06:00 UTC. Assessment: HIGH threat level due to targeting of deprecated SMBv1 protocol which enables lateral movement and remote code executio…

Malicious activity detected from 172.235.168.35 (NL, AS63949). 2503 events observed across HTTP, Java-RMI, MQTT, Modbus, Oracle/TNS. AI verdict: HIGH.